Setup Guide - Fujitsusoftware.fujitsu.com/jp/manual/manualfiles/m130028/...Appendix C: Certificate...

B1X1-0294-02ENZ0(00)October 2013

Windows/Solaris/Linux

FUJITSU SoftwareInterstage Information IntegratorV11.0.0

Setup Guide

PrefaceThis document deals with the following products:

- Interstage Information Integrator Standard Edition V11.0.0

Additionally, the optional products listed below are also included.

- Interstage Information Integrator Agent V11.0.0

Purpose of This Document

This document explains the setup tasks performed after installation of Interstage Information Integrator (hereafter abbreviated as"Information Integrator").

Intended Readers

This document is intended for the following readers:

- Users who set up Information Integrator

The following knowledge is required to read this document:

- General knowledge about operating systems

- General knowledge about the internet

- General knowledge about database functions and how to use them

- General knowledge about public clouds

- General knowledge about forms

Structure of This Document

Chapter 1: Overview of Setup Operations

This chapter presents an overview of the setup tasks for Information Integrator.

Chapter 2: Setting up an Environment for Creating Definitions

This chapter explains how to set up an environment for creating design sheets.

Chapter 3: Setting up an Environment for Registering Definitions of Process Flow

This chapter explains how to set up an environment for registering definitions using the III Studio or design sheets.

Chapter 4: Setting up an Environment for the Server

This chapter explains how to define an operating environment and create a management area.

Chapter 5: Registering the Definitions of Process Flow

This chapter explains how to register the definitions of Process Flow.

The procedures for registering Process Flow definitions are explained.

Chapter 6: Setting Up an Environment for Sending and Receiving Files

This chapter explains how to set up an environment for sending and receiving files.

Chapter 7: Setting up an Operation Management Environment

This chapter explains how to set up an operation management environment.

Chapter 8: Starting and Stopping the System

This chapter explains how to start and stop the system.

Chapter 9: Changing the Setup Information

This chapter explains how to change the setup information.

- i -

Chapter 10: Setup for Cluster Systems

This chapter explains the setup method for using a cluster system.

Appendix A: Supplementary Information

This appendix presents supplementary information for setting up Information Integrator.

Appendix B: Notes Regarding Setup when Using the Information Integrator Server

This appendix presents some points to note regarding setup when using the Information Integrator Server.

Appendix C: Certificate Management Package Commands

This appendix presents the commands used in the certificate management package.

Positioning of This Document

FUJITSU Software Interstage Information Integrator Structure and Overview of Manuals

This document lists the manual structure for Information Integrator, as well as which manuals should be referred to for different userpurposes and objectives.

FUJITSU Software Interstage Information Integrator System Design Guide

This document presents an overview of Information Integrator functions, as well as information about system configurations and designissues.

FUJITSU Software Interstage Information Integrator Setup Guide [this document]

This document explains how to create an environment after Information Integrator has been installed.

FUJITSU Software Interstage Information Integrator Operation Guide

This document explains how to operate Information Integrator.

FUJITSU Software Interstage Information Integrator Command Reference

This document explains the commands provided by Information Integrator.

FUJITSU Software Interstage Information Integrator Transfer Accelerator Setup Guide

This document explains the outline, the environmental construction method, and operation procedure of III Transfer Accelerator.

FUJITSU Software Interstage Information Integrator Message Guide

This document lists the messages output by Information Integrator.

FUJITSU Software Interstage Information Integrator Glossary

This document is a glossary of the terms used in the Information Integrator manuals.

FUJITSU Software Symfoware Server Message Guide

This guide explains lists the messages output by Symfoware Server.

Conventions Used in This Document

Manual titles

The manual titles listed in this document are abbreviated as below.

Information Integrator manual

Abbreviation Official title

Structure and Overview of Manuals FUJITSU Software Interstage Information Integrator Structure andOverview of Manuals

System Design Guide FUJITSU Software Interstage Information Integrator System DesignGuide

Setup Guide (This document) FUJITSU Software Interstage Information Integrator Setup Guide

Operation Guide FUJITSU Software Interstage Information Integrator Operation Guide

- ii -


Command Reference FUJITSU Software Interstage Information Integrator CommandReference

Transfer Accelerator Setup Guide FUJITSU Software Interstage Information Integrator TransferAccelerator Setup Guide

Message Guide FUJITSU Software Interstage Information Integrator Message Guide

Glossary FUJITSU Software Interstage Information Integrator Glossary

Related manual


Symfoware Message Guide FUJITSU Software Symfoware Server Message Guide

Abbreviations

The product names listed in this document are abbreviated as below.

Note that system names and product names in this document are not followed by trademark symbols such as ä or â.


Windows Microsoft® Windows Server® 2012 Foundation

Microsoft® Windows Server® 2012 Essentials

Microsoft® Windows Server® 2012 Standard

Microsoft® Windows Server® 2012 Datacenter

Microsoft Windows Server 2008 Foundation

Microsoft Windows Server 2008 Standard

Microsoft Windows Server 2008 Enterprise

Microsoft Windows Server 2008 Datacenter

Microsoft Windows Server 2008 Standard without Hyper-V

Microsoft Windows Server 2008 Enterprise without Hyper-V

Microsoft Windows Server 2008 Datacenter without Hyper-V

Microsoft Windows Server 2008 R2 Foundation

Microsoft Windows Server 2008 R2 Standard

Microsoft Windows Server 2008 R2 Enterprise

Microsoft Windows Server 2008 R2 Datacenter

Microsoft Windows Server 2003, Standard Edition

Microsoft Windows Server 2003, Enterprise Edition

Microsoft Windows Server 2003, Datacenter Edition

Microsoft Windows Server 2003, Standard x64 Edition

Microsoft Windows Server 2003, Enterprise x64 Edition

Microsoft Windows Server 2003, Datacenter x64 Edition

Microsoft Windows Server 2003 R2, Standard Edition

Microsoft Windows Server 2003 R2, Enterprise Edition

Microsoft Windows Server 2003 R2, Datacenter Edition

Microsoft Windows Server 2003 R2, Standard x64 Edition

Microsoft Windows Server 2003 R2, Enterprise x64 Edition

- iii -


Microsoft Windows Server 2003 R2, Datacenter x64 Edition

Windows®8

Windows®8 Pro

Windows®8 Enterprise

Windows®7 Home Premium

Windows®7 Professional


Windows®7 Ultimate

Windows® Vista Home Basic

Windows® Vista Home Premium

Windows® Vista Business

Windows® Vista Ultimate

Windows® Vista Enterprise

Windows® XP Home Edition

Windows® XP Professional

Windows® XP

Windows XP Windows® XP Home Edition

Windows® XP Professional

Windows Vista Windows® Vista Home Basic

Windows® Vista Home Premium

Windows® Vista Business

Windows® Vista Ultimate

Windows® Vista Enterprise

Windows 7 Windows®7 Home Premium

Windows®7 Professional


Windows®7 Ultimate

Windows 8 Windows®8

Windows®8 Pro


Windows Server 2003 Microsoft Windows Server 2003, Standard Edition

Microsoft Windows Server 2003, Enterprise Edition

Microsoft Windows Server 2003, Datacenter Edition

Microsoft Windows Server 2003, Standard x64 Edition

Microsoft Windows Server 2003, Enterprise x64 Edition

Microsoft Windows Server 2003, Datacenter x64 Edition

Microsoft Windows Server 2003 R2, Standard Edition

Microsoft Windows Server 2003 R2, Enterprise Edition

Microsoft Windows Server 2003 R2, Datacenter Edition

- iv -


Microsoft Windows Server 2003 R2, Standard x64 Edition

Microsoft Windows Server 2003 R2, Enterprise x64 Edition

Microsoft Windows Server 2003 R2, Datacenter x64 Edition

Windows Server 2008 Microsoft Windows Server 2008 Foundation


Microsoft Windows Server 2008 Enterprise


Microsoft Windows Server 2008 Standard without Hyper-V

Microsoft Windows Server 2008 Enterprise without Hyper-V

Microsoft Windows Server 2008 Datacenter without Hyper-V

Microsoft Windows Server 2008 R2 Foundation

Microsoft Windows Server 2008 R2 Standard

Microsoft Windows Server 2008 R2 Enterprise

Microsoft Windows Server 2008 R2 Datacenter

Windows Server 2012 Microsoft Windows Server 2012 Foundation

Microsoft Windows Server 2012 Essentials



Failover Clusters Windows Server 2008 Failover Clusters

Microsoft Cluster Service

Excel Microsoft® Excel

Word Microsoft® Word

SQL Server Microsoft® SQL Server™

Oracle Oracle® Enterprise Edition

Oracle® Database Standard Edition

Oracle® Database Standard Edition One

Oracle® Database Enterprise Edition

Solaris Oracle Solaris

Linux Red Hat Enterprise Linux

UNIX Solaris

Linux

XL-DATA/MV XL DATA MOVER

Softek XL DATA MOVER

ETERNUS SF XL-DATA/MV

OSIV MSP XL-DATA/MV

Interstage ApplicationServer

Interstage® Application Server Standard-J Edition

Interstage® Application Server Enterprise Edition

Shunsaku Interstage® Shunsaku Data Manager Enterprise Edition

Data Effector Interstage® Data Effector Standard Edition

- v -


Charset Manager Interstage® Charset Manager

Linkexpress Linkexpress

Linkexpress Advanced Edition

Linkexpress Standard Edition

Linkexpress Enterprise Edition

Symfoware Server Symfoware® Server Standard Edition

Symfoware® Server Enterprise Edition

Symfoware® Server Enterprise Extended Edition

DB2 IBM® DB2 9.7 for Linux, UNIX and Windows, Express Edition

IBM® DB2 9.7 for Linux, UNIX and Windows, Workgroup Server Edition

IBM® DB2 9.7 for Linux, UNIX and Windows, Enterprise Server Edition

Note

In this manual, please read Start menu of Windows in a different way as Start Window or All Apps Window when you use Windows 8or Windows Server 2012.

Export Restriction

If this document is to be exported or provided overseas, confirm legal requirements for the Foreign Exchange and Foreign Trade Act aswell as for other laws and regulations including U.S. Export Administration Regulations, and follow any necessary procedures.

Trademarks

Microsoft, Windows Azure, Windows, Windows Vista, Windows Server, and Excel are either registered trademarks or trademarks ofMicrosoft Corporation in the United States and/or other countries.

UNIX is a registered trademark of The Open Group in the United States and other countries.

Oracle and Java are registered trademarks of Oracle and/or its affiliates.

Linux is a registered trademark of Linus Torvalds.

Red Hat, RPM, and all Red Hat-based trademarks and logos are trademarks or registered trademarks of Red Hat, Inc. in the United Statesand other countries.

HULFT is a registered trademark of Saison Information Systems Co., Ltd.

Salesforce is a registered trademark of salesforce.com, Inc.

DB2 is a trademark of International Business Machines Corp., registered in many jurisdictions worldwide.

PostgreSQL is a trademark of PostgreSQL in the United States and other countries.

Interstage, Linkexpress, Symfoware, Shunsaku, and Systemwalker are registered trademarks of FUJITSU LIMITED.

Other company names and product names used in this document are trademarks or registered trademarks of their respective owners.

Issue Date and Version

October 2013

October 2013: First Edition

Copyright

- No part of the content of this document may be reproduced without the written permission of

Fujitsu Limited.

- vi -

- The contents of this document may be changed without notice.

Copyright FUJITSU LIMITED 2013

- vii -

ContentsChapter 1 Overview of Setup Operations.................................................................................................................................1

1.1 Overview of Setup Tasks.....................................................................................................................................................................11.1.1 System Configuration...................................................................................................................................................................2

1.2 Setting up the III Agent.......................................................................................................................................................................21.3 Simple Setup........................................................................................................................................................................................3

Chapter 2 Setting up an Environment for Creating Definitions.................................................................................................62.1 Setting up Environment Variables.......................................................................................................................................................6

Chapter 3 Setting Up an Environment for Registering Definitions of Process Flow.................................................................83.1 Registering Users.................................................................................................................................................................................8

3.1.1 User Types....................................................................................................................................................................................93.1.2 Registering Users........................................................................................................................................................................10

3.2 Setting Up the System........................................................................................................................................................................113.2.1 Setting Up the HOSTS (hosts) File ............................................................................................................................................11

3.2.1.1 For Windows........................................................................................................................................................................113.2.1.2 For UNIX.............................................................................................................................................................................12

3.2.2 Setting Up the SERVICES (services) File..................................................................................................................................133.2.3 Setting Up System Parameters [UNIX Only].............................................................................................................................15

3.2.3.1 For Solaris............................................................................................................................................................................153.2.3.2 For Linux.............................................................................................................................................................................18

3.2.4 Setting Up Environment Variables.............................................................................................................................................193.2.4.1 Content of the Environment Variables (Linux)...................................................................................................................193.2.4.2 Content of the Environment Variables (Solaris)..................................................................................................................213.2.4.3 Content of the Environment Variables (Windows).............................................................................................................233.2.4.4 How to Set Up Environment Variables...............................................................................................................................24

Chapter 4 Setting up an Environment for the Server..............................................................................................................264.1 Defining the Operating Environment................................................................................................................................................27

4.1.1 Editing the Operating Environment File.....................................................................................................................................274.1.1.1 Syntax for the Operating Environment File.........................................................................................................................284.1.1.2 Key Names and Parameter Values in the Operating Environment File..............................................................................284.1.1.3 Specification Examples for the Operating Environment File..............................................................................................39

4.1.2 Editing the Adapter Definition File............................................................................................................................................404.1.2.1 Syntax for the Adapter Definition File................................................................................................................................414.1.2.2 Key Names and Parameter Values in the Adapter Definition File......................................................................................42

4.1.2.2.1 When Extracting or Storing a Salesforce Object..........................................................................................................424.1.2.2.2 When Extracting or Storing a Salesforce Object..........................................................................................................424.1.2.2.3 When Collecting or Delivering BLOB.........................................................................................................................424.1.2.2.4 When high-speed file transfer.......................................................................................................................................43

4.1.2.3 Specification Example for the Adapter Definition File.......................................................................................................434.2 Creating a Management Area............................................................................................................................................................44

4.2.1 Creating Raw Devices [UNIX Only]..........................................................................................................................................444.2.1.1 For Solaris............................................................................................................................................................................444.2.1.2 For Linux.............................................................................................................................................................................44

4.2.2 Editing the Tuning Parameter File..............................................................................................................................................464.2.2.1 Elements in the Calculation of Tuning Parameter Values...................................................................................................474.2.2.2 Syntax for the Tuning Parameter File..................................................................................................................................474.2.2.3 Key Names and Parameter Values in the Tuning Parameter File........................................................................................474.2.2.4 Specification Example for the Tuning Parameter File.........................................................................................................55

4.2.3 Creating Scripts...........................................................................................................................................................................574.2.4 Creating a Management Area.....................................................................................................................................................60

4.2.4.1 Creating an RDB Dictionary................................................................................................................................................604.2.4.2 Registering the RDB System [Windows Only]...................................................................................................................614.2.4.3 Starting Symfoware Server..................................................................................................................................................62

- viii -

4.2.4.4 Creating a Work Database...................................................................................................................................................62

Chapter 5 Registering the Definitions of Process Flow..........................................................................................................645.1 Registering the Definitions of Process Flow.....................................................................................................................................65

5.1.1 Starting the Information Integrator Server..................................................................................................................................655.1.2 Registering the definitions of Process Flow...............................................................................................................................655.1.3 Stopping the Information Integrator Server................................................................................................................................65

Chapter 6 Setting Up an Environment for Sending and Receiving Files................................................................................666.1 When the Communication protocol(s) is TCP/IP or HISPD.............................................................................................................66

6.1.1 Environment Setup when the Communication Protocol(s) is TCP/IP or HISPD.......................................................................676.1.2 Notes on Using FTP as the Communication Protocol(s)............................................................................................................676.1.3 Notes on Using HTTP or HTTPS as the Communication Protocol(s).......................................................................................676.1.4 Notes on Using HISPD as the Communication Protocol(s).......................................................................................................69

6.2 When the Communication Protocol(s) is HULFT.............................................................................................................................706.2.1 Support Range.............................................................................................................................................................................706.2.2 Registering the HULFT Linkage Job Module............................................................................................................................706.2.3 User Permissions for Using HULFT..........................................................................................................................................726.2.4 Notes on Setup............................................................................................................................................................................72

Chapter 7 Setting Up the Operation Management Environment............................................................................................747.1 Notes on Security...............................................................................................................................................................................74

7.1.1 Placing the Web Server...............................................................................................................................................................757.1.2 Setting Up the Web Server.........................................................................................................................................................757.1.3 Managing the Password..............................................................................................................................................................757.1.4 Measures for Preventing Data Leaks and Masquerading...........................................................................................................757.1.5 DoS Countermeasures.................................................................................................................................................................757.1.6 Auditing and Monitoring............................................................................................................................................................75

Chapter 8 Starting and Stopping the System.........................................................................................................................768.1 Starting the Servers............................................................................................................................................................................768.2 Stopping the Servers..........................................................................................................................................................................778.3 Automatically Starting and Stopping the Information Integrator Server (UNIX).............................................................................78

Chapter 9 Changing the Setup Information............................................................................................................................819.1 Changing the Information Integrator Server Environment................................................................................................................81

9.1.1 Adding, Changing and Deleting Users.......................................................................................................................................819.1.2 Changing the Operating Environment........................................................................................................................................82

9.2 Changing the Destination System......................................................................................................................................................82

Chapter 10 Setup for Cluster Systems...................................................................................................................................8310.1 Overview of Cluster Systems..........................................................................................................................................................8310.2 Cluster System Configurations........................................................................................................................................................8310.3 Disk Allocation for Operation Resources........................................................................................................................................8410.4 Setup Procedure...............................................................................................................................................................................85

10.4.1 Setup Procedure for Windows..................................................................................................................................................8510.4.1.1 Preparation.........................................................................................................................................................................8710.4.1.2 Installing Information Integrator.......................................................................................................................................8710.4.1.3 Setting up an Environment for Information Integrator......................................................................................................8710.4.1.4 Registering with Failover Cluster......................................................................................................................................9010.4.1.5 Checking that Information Integrator Services Can Run...................................................................................................91

10.4.2 Setup Procedure for UNIX.......................................................................................................................................................9110.4.2.1 Preparation.........................................................................................................................................................................9310.4.2.2 Installing Information Integrator.......................................................................................................................................9310.4.2.3 Setting up an Environment for Information Integrator......................................................................................................9310.4.2.4 Sharing...............................................................................................................................................................................9710.4.2.5 Registering Information Integrator Resources...................................................................................................................98

10.4.2.5.1 When the Command Terminates Abnormally............................................................................................................9910.4.2.6 Creating Cluster Resources..............................................................................................................................................100

- ix -

10.4.2.7 Creating User Applications..............................................................................................................................................10110.5 Uninstallation.................................................................................................................................................................................103

10.5.1 For Windows...........................................................................................................................................................................10310.5.2 For UNIX................................................................................................................................................................................103

10.6 Notes on Changing Definitions......................................................................................................................................................10410.7 Notes when a Failover Occurs.......................................................................................................................................................104

Appendix A Supplementary Information...............................................................................................................................105A.1 Correcting Errors with the ifimks Command..................................................................................................................................105A.2 Correcting Errors with Creating a Management Area....................................................................................................................106

Appendix B Notes Regarding Setup when Using the Information Integrator Server............................................................109B.1 Delivering Process Flow Definitions to the III Agent....................................................................................................................109

B.1.1 Adding, Changing, and Deleting Process Flow Definitions on the III Agent..........................................................................110B.2 Creating the Environment Required to Register Definitions in the III Agent................................................................................110

B.2.1 When Installing a III Agent for the First Time........................................................................................................................111B.2.2 When Adding a III Agent.........................................................................................................................................................113B.2.3 When Deleting the III Agent....................................................................................................................................................115

Appendix C Certificate Management Package Commands.................................................................................................116C.1 Location of the Commands.............................................................................................................................................................116C.2 Compatible Character Sets..............................................................................................................................................................116C.3 mkslt (Generate Slot)......................................................................................................................................................................116C.4 mktkn (Generate Token).................................................................................................................................................................117C.5 cmmkenv (Create Environment).....................................................................................................................................................118C.6 cmsetenv (Set Environment)...........................................................................................................................................................119C.7 cmmakecsr (Create Certificate Request).........................................................................................................................................121C.8 cmentcert (Register Certificate)......................................................................................................................................................123C.9 cmentcrl (Register CRL).................................................................................................................................................................124C.10 cmlistcert (Display Certificate List)..............................................................................................................................................125C.11 cmdspcert (Display Certificate Content).......................................................................................................................................127C.12 cmlistcrl (Display CRL List).........................................................................................................................................................129C.13 cmrmcert (Delete Certificate).......................................................................................................................................................130C.14 initkn (Initialize Token)................................................................................................................................................................131C.15 setpin (Change PIN)......................................................................................................................................................................132C.16 Message.........................................................................................................................................................................................133

C.16.1 Output Format........................................................................................................................................................................133C.16.2 Message Details.....................................................................................................................................................................134

- x -

Chapter 1 Overview of Setup OperationsThis chapter presents an overview of the setup tasks for Information Integrator.

1.1 Overview of Setup TasksThis section describes the tasks required to set up Information Integrator. These set up tasks are performed using a standard systemconfiguration.

Refer to "1.1.1 System Configuration" for information on what is considered a standard system configuration.

Figure 1.1 Overview of setup tasks

- 1 -

Point

Finish installing all of the software used by the system before performing this procedure.

Refer to the Software Release Note or the Installation Guide for information on how to install and uninstall the software.

1.1.1 System ConfigurationThis document explains setup operations assuming the following system configuration:

Figure 1.2 System configuration

See

Refer to the System Design Guide for information on the system configuration.

1.2 Setting up the III AgentThis section explains the procedure for setting up the III Agent. The setup procedure for the III Agent is the same as the setup procedurefor the Information Integrator Server.

Refer to "1.1 Overview of Setup Tasks" for information on the setup procedure.

Refer to the setup procedures described in chapter 2 and beyond for information about each procedure. Where appropriate, the informationprovided for Information Integrator Server may also be used for the III Agent.

- 2 -

Point

When the Information Integrator Server and the III Agent are to be used in combination, the design information for Process Flows iscreated and managed in definitions on the Information Integrator Server. The definitions used in the III Agent are created on the InformationIntegrator Server and then delivered to the III Agent.

Refer to "Appendix B Notes Regarding Setup when Using the Information Integrator Server" for information on how to deliver ProcessFlow definitions to the III Agent from the Information Integrator Server.

1.3 Simple SetupSimple setup involves performing the basic setup for installation of the Information Integrator Server and III Agent. This setup can beused to configure a basic environment at an early stage such as when performing an operation check prior to the operation design.

Simple setup cannot be used if detailed tuning is required to suit business requirements (i.e., setup to suit the number of jobs run daily orthe number of days job data is retained).

Refer to the Software Release Note or the Command Reference for information on simple setup.

Part of the setup for the Information Integrator Server is performed during simple setup. The following describes some points to note forsetup procedures for the Information Integrator Server beyond "Chapter 2 Setting up an Environment for Creating Definitions".

Table 1.1 Relationships between the setups for the Information Integrator Server

The different setups forInformation Integrator Server

Simple Setup Points

Windows UNIX

Registering Users Y Y The following are set as privileged usersor operators so this setup procedure maybe skipped:

- Windows

"Administrator"

- UNIX

"root"

Setting Up the System N N For Windows, when linking with thecollection source system or deliverydestination system, the system setting"Setting Up the HOSTS File" isrequired.

"Setting Up the HOSTS File" and"Setting Up the SERVICES File" arerequired for UNIX.

Setting Up System Parameters N N System parameter settings are notrequired for Windows.

For UNIX, "Setting up SystemParameters [UNIX Only]" is required.

Setting Up Environment Variables P N For Windows, the system environmentvariables "PATH" and "RDBNAME"will be set. Other parameters should beset to suit the business requirements.

For UNIX, "Setting up EnvironmentVariables" is required.

Defining the OperatingEnvironment

P P The following key settings or defaultsare used in the operating environment

- 3 -


Simple Setup Points

Windows UNIX

file for simple setup. Behavior may notbe correct if these keys are changed: (*1)

- stk_path

- dbms_name

- recordterm

- exctterm

- procrecvnum

- trnexecnum

- cnvexecnum

Keys other than this may require editingto suit business requirements. Do notcopy from the provided sample, butrather edit the operating environmentfile directly.

The operating environment file editedduring simple setup is located in thefollowing directory:

- Windows

"InformationIntegratorServerInstallDirectory\etc"

- UNIX

/opt/FJSVifisv/etc

Creating a Management Area Y Y The management area is created in theUNIX file system during simple setup.

Setting Up an Environment forSending and Receiving Files

N N -

Setting Up the OperationManagement Environment

N N -

Starting the Servers Y N For Windows, the InformationIntegrator Server will be running whensimple setup is completed. Stop it beforegoing any further.

For UNIX, the Information IntegratorServer will be stopped when simplesetup is completed.

Use cold start for the first start up of theInformation Integrator Server.

Starting the Web server N N -

Changing the Setup Information - - If the management area is to be changed,first delete the Information Integratorenvironment with the ifisysunsetupcommand, then execute the ifisyssetupcommand to perform simple setup.

- 4 -


Simple Setup Points

Windows UNIX

Refer to the Command Reference forinformation on these commands.

Setup for Cluster Systems N N Simple setup is not possible for clustersystems.

Y: Setup required

P: Partial setup required

N: No setup required

*1: When modifying, check the points listed in "Changing the Setup Information".

Note

Procedures not setup in simple setup

For procedures not setup with simple setup, perform the appropriate setup procedures separately.

- 5 -

Chapter 2 Setting up an Environment for CreatingDefinitions

This chapter explains the procedure for setting up an environment for creating Process Flow definitions with III Studio.

The following setup procedure needs to be performed only once after installing the client:

Figure 2.1 Procedure for setting up an environment for creating Process Flow definitions

2.1 Setting up Environment VariablesEnvironment variables must be set up to use the following:

- Salesforce metadata collection

- Commands to compress or decompress data with the process plug-in

- 6 -

Table 2.1 Environment variable settingsVariable name Description Setting

PATH The path to the Javaexecution environment

%JAVA_HOME%\bin

Point

%JAVA_HOME%

"%JAVA_HOME%" refers to the installation directory for the JDK or the JRE.

Example:

C:\Interstage\JDK5

- 7 -

Chapter 3 Setting Up an Environment for RegisteringDefinitions of Process Flow

This chapter explains how to set up an environment for registering definitions of Process Flow using III Studio.

Use the following procedure to set up an environment for registering definitions of Process Flow using III Studio.

Figure 3.1 Procedure for setting up an environment for registering definitions of Process Flow using III Studio

3.1 Registering UsersThis section explains how to register the users that use Information Integrator.

- 8 -

3.1.1 User TypesResources can be protected by setting up user privileges within Information Integrator for the resources (definitions and data) managedby Information Integrator and then performing authentication for each resource operation.

The types of users that use Information Integrator are as follows:

- Information Integrator privilege user

- Information Integrator operation user

Each of these user types is explained below.

Information Integrator privilege user

This is the only user that can perform all resource operations for Information Integrator. Hereafter, this type of user is called a "privilegeuser". privilege users must meet the following conditions.

For Windows

- Must belong to the Administrators group

- Must have the following operating system permissions:

- Act as part of the operating system

- Increase quotas (Adjust memory quotas for a process)Note: This permission is granted by default if the user is a member of the Administrators group.

- Log on as a service

- Create a token object

- Replace a process level token

The procedure for granting permissions is as follows:

1. Select Start >> Control Panels >> Administrative Tools >> Local Security Policies.

2. Select the desired policy under Security Settings >> Local Policies >> User Rights Assignment, and then add a user ID.

For UNIX

Specify the root user.

Information Integrator operation user

This is a general user who can log in to the server operating system to perform various operations such as registering design sheets andusing the Operation Management Client and the commands provided by Information Integrator.

The permissions granted to operation users (which operations can be performed on which resources) follow the settings that have beenspecified by the privilege user beforehand.

For UNIX

Operation users must belong to a group that is specified during installation.

For cluster operations, Information Integrator must always be installed by specifying the same group for both the active system and thestandby system. Ensure that these systems have the same group ID (a number) rather than the same group name (such as "sys" or "iii").

- For Solaris

Check that the "gid" (primary group) and "groups" (secondary groups) in the output results for "/usr/bin/id -a" are the same.

- For Linux

Check that the "gid" (primary group) and the current group (secondary group) in the output results for "/usr/bin/id -a" are the same.

Example

When the group specified during installation is "iii" (gid=7002)

- 9 -

The following examples explain whether users can be used as Information Integrator operation users, according to different output resultsfor the "/usr/bin/id -a" command.

Note that the following output examples vary slightly from actual output. This is because only the content that is necessary for theexplanation above has been extracted from the actual output.

- When the user can be used as an operation user

The user can be used as an operation user because the "gid" is the same.

uid=6001(iiiuser) gid=7002(iii) groups=7002(iii),7003(apgrp)

- When the user cannot be used as an operation user

The user cannot be used as an operation user because the "gid" is not the same.

uid=6002(iiiuser2) gid=7003(apgrp) groups=7002(iii),7003(apgrp)

3.1.2 Registering UsersThis section explains how to register the users that use Information Integrator.

Registration method

- Privilege user

- For Windows

Define the user as the following key name in the operating environment file.

"admuser"

If this key is omitted, the "Administrator" user will become the privilege user. The privilege user can also be changed whenInformation Integrator is installed.

- For UNIX

No specification is required. The superuser becomes the Information Integrator privilege user.

- Operation user

- Definition operations

- Create and register definitions of Process Flow using III Studio


"defuser"

- Look up definitions of Process Flow using III Studio


"defreaduser"

See

A sample operating environment file is available, so make definitions by reusing this sample file.

Refer to "4.1.1 Editing the Operating Environment File" for details on the sample operating environment file and how to edit it.

- Operating integration processes

- Execute integration processes and perform monitoring operations

For each "process group" defined in the process definition sheet, specify which users can operate integration processes.

Use the ifiuserctl (user privilege manipulation) command to specify these users. Refer to the Command Reference for detailson this command.

- 10 -

Definition example for the operating environment file

A definition example for the operating environment file is shown below.

# Copyright FUJITSU LIMITED 2009-2011

.....

admuser=Administrator #Information Integrator privilege user

defuser=tanaka,Suzuki #Operation users (when definitions are created and

registered by two people)

.....

Trigger for the operating environment file to take effect

The content of the operating environment file takes effect when the Information Integrator Server is restarted.If the information for these key names in the operating environment file is changed, the changes will take effect after the InformationIntegrator Server is restarted.

Point

If the Information Integrator privilege user and operation user are the same user, the operating environment file can be left unchangedwith the default values.

3.2 Setting Up the SystemThe HOSTS and SERVICES files need to be set up for the Information Integrator Server. Set up the HOSTS file for the InformationIntegrator Client if necessary. In this case, specify the IP address of the Information Integrator Server in the HOSTS file.

Note

For Windows Server 2008, these operations must always be performed with Administrator privileges.

3.2.1 Setting Up the HOSTS (hosts) FileThis section explains the settings for the HOSTS (hosts) file.

Note

These settings are not required if names are resolved using DNS. Specify the IP address for the DNS server.

3.2.1.1 For Windows

Settings

Specify the following settings in the HOSTS (hosts) file.

- Information about the connection destination, either the collection source (system) or the delivery destination (system)

- Server name (host name)

- IP address

- 11 -

Point

For systems that assume mutual connectivity between IPv6 and IPv4, specify both the IPv6 network address and the IPv4 networkaddress. Refer to the ???System Design Guide??? for IPv6 environments and related issues.

If more connection destination systems (either collection source (systems) or delivery destination (systems)) are added after operationshave started, add information about the new servers to the HOSTS file.

Note that when the Information Integrator Server is installed, both the local IP address and the local server name are automatically set upin the HOSTS (hosts) file.

File storage location

<Installation directory for the Windows system>\SYSTEM32\DRIVERS\ETC\HOSTS

Definition example

.....

192.168.200.1 Sys1 #local system (already set up automatically during

installation)

192.168.200.2 SYSB #Collection source (system) 1

192.168.200.3 sys3 #Collection source (system) 2

192.168.200.4 SYS4 #Delivery destination (system) 1

.....

3.2.1.2 For UNIX

Settings

Specify the following settings in the HOSTS (hosts) file.

- Local information

- IP address

- Server name

- Information about the connection destination, either the collection source (system) or the delivery destination (system)

- Server name (host name)

- IP address

Point

For systems that assume mutual connectivity between IPv6 and IPv4, specify both the IPv6 network address and the IPv4 network address.Refer to the System Design Guide for IPv6 environments and related issues.

If more connection destination systems (either collection source (systems) or delivery destination (systems)) are added after operationshave started, add information about the new servers to the HOSTS (hosts) file.


- For IPv4

/etc/hosts

- 12 -

- For IPv6

- For Solaris

/etc/inet/ipnodes

- For Linux

/etc/hosts

Definition example

- For IPv4

.....

192.168.200.1 Sys1 #Local system

192.168.200.2 SYSB #Collection source (system) 1

192.168.200.3 sys3 #Collection source (system) 2

192.168.200.4 SYS4 #Delivery destination (system) 1

.....

- For IPv6

.....

2::9255:a00:20ff:fe78:f37c Sys1 #Local system

fe80::a00:20ff:fe78:f37c SYSB #Collection source (system) 1

2::9256:a00:20ff:fe87:fe12 sys3 #Collection source (system) 2

fe80::a00:20ff:fe87:fe12 SYS4 #Delivery destination (system)

.....

3.2.2 Setting Up the SERVICES (services) FileThis section explains the settings for the SERVICES (services) file.

Note

- In Windows environments, these settings are not required if "It edits it at the same item as setting it up." was selected for "Edit ofsystem file" during installation.

- The following ports are used during data conversion processing. However, there is no need to specify these ports in the SERVICES(services) file.

- Port number: 9460

- Port number: 9461

- Port number: 9462

Settings

Specify the following settings in the SERVICES (services) file.

Specify each of these settings in the following order: <service name>, <port number>/<protocol>.

- Settings for communications between clients and servers

ifitrnc 9463/tcp

- 13 -

The recommended port number is "9463".

- Settings for the communication protocol(s)

- Settings for FTP+, FTP or FTPM

ifitrnf 9464/tcp


Note

Port numbers:

Refer to "6.1.2 Notes on Using FTP as the Communication Protocol(s)" for notes on the port numbers to be specified.

- Settings for HTTP

ifitrnh 9465/tcp


- Settings for HTTPS

ifitrnhs 9466/tcp


Note

Port numbers:

Refer to "6.1.3 Notes on Using HTTP or HTTPS as the Communication Protocol(s)" for notes on the port numbers to be specifiedwhen the communications protocol is HTTP.

- Settings for HISPD

ifitrnsc 9467/tcp

ifitrnsc 9467/udp


ifitrnhspd 9468/tcp


Note

- Do not specify the "aliases" item.

- The "service name" and "protocol" items are fixed. Do not specify other strings.


- For Windows

<Installation directory for the Windows system>\SYSTEM32\DRIVERS\ETC\SERVICES

- 14 -

- For UNIX

/etc/services

Definition example

.....

ifitrnc 9463/tcp #For communications between Information Integrator

Clients and servers

ifitrnf 9464/tcp #When the communications protocol is FTP+, FTP or FTPM

ifitrnh 9465/tcp #When the communications protocol is HTTP

ifitrnhs 9466/tcp #When the communications protocol is HTTPS

ifitrnsc 9467/tcp #When the communications protocol is HISPD

ifitrnsc 9467/upd #When the communications protocol is HISPD

ifitrnhspd 9468/tcp #When the communications protocol is HISPD

.....

3.2.3 Setting Up System Parameters [UNIX Only]This section explains the system parameters that must be set when Information Integrator is installed on Solaris or Linux systems. Thereare no system parameters that must be set when Information Integrator is installed on Windows systems.

Refer to the operating system manual for details on how to set up the system parameters.

3.2.3.1 For SolarisAdjust the following system parameters. The following system parameter values are required for the Information Integrator Server to run.For the overall system, you also need to consider the system parameter values used by user applications and middleware products otherthan Information Integrator.

The locations of the system parameter settings are shown in the following table. Restart the system after specifying the settings.

For Solaris 9

Set the following system parameters for the "system" and "user.root" entries in the "/etc/project" file.

Table 3.1 IPC parameters for Solaris 9

Item No. Parameter Defaultvalue

Value required byInformationIntegrator

(recommendedvalue)

Characteristics (*1)

Meaning

1 msginfo_msgmni(MSGMNI)

50 512 Addition Number of message queue identifiers

2 msginfo_msgmnb(MSGMNB)

4096 (*2) Maximum

Maximum size of messages that can be held ina single message queue

This parameter is related to the total number ofboth the process definitions that can be executedsimultaneously by the Information IntegratorServer and the transfer requests fromcommands.

3 msginfo_msgtql(MSGTQL)

40 (*3)

(22252 or more)

Addition Number of system message headers

This parameter is related to the total number ofboth the process definitions that can be executedsimultaneously by the Information IntegratorServer and the transfer requests fromcommands.

- 15 -

Item No. Parameter Defaultvalue

Value required byInformationIntegrator

(recommendedvalue)

Characteristics (*1)

Meaning

4 msginfo_msgmax(MSGMAX)

2048 8192 or more Maximum

Maximum size of messages

5 msginfo_msgmni(MSGMNI)

50 1032 Addition Number of message queue identifiers

6 seminfo_semmni(SEMMNI)

10 10760 Addition Number of semaphore identifiers

7 seminfo_semmns(SEMMNS)

60 36136 Addition Number of semaphores within the system

8 seminfo_semmsl(SEMMSL)

25 4096 Maximum

Maximum number of semaphores per id

9 seminfo_semmnu(SEMMNU)

30 (*4) + 4096 Addition Number of "undo" structures within the system

10 seminfo_semume(SEMUME)

10 4096 Maximum

Maximum number of "undo" entries per process

11 seminfo_semopm(SEMOPM)

10 256 Maximum

Maximum number of operations per semaphorecall

12 shminfo_shmmax 8388608 107374182 ormore

Maximum

Maximum segment size for shared memory

13 rlim_fd_max 65535 65535 Maximum

Maximum number of files that can be openedsimultaneously (*5)

14 rlim_fd_cur 256 2816 Maximum

(*5)

- *1: For IPC-related parameters, determine the value to be specified for the entire system based on the recommended values andspecified values that are indicated for each software product.

- Addition: Add the recommended/specified values for Information Integrator and for each of software products other thanInformation Integrator to the default values for the system.

- Maximum: Specify the largest value among the default values for the system and the recommended/specified values forInformation Integrator and for each of software products other than Information Integrator.

- *2: Maximum number of bytes for messages (MSGMNB)

Use the following formula to calculate the value for MSGMNB.

(<number of simultaneous transfer requests to the Information Integration Server> x 64) + (<number of filesthat can be simultaneously transferred by the Information Integration Server> x 380) + 9,216 <= MSGMNB

Number of simultaneous transfer requests:This is the sum total of the number of file transfer definitions for the data collection definitions and data delivery definitions withinprocess definitions as well as all of the transfer requests based on the number of commands executed.

Number of files that can be simultaneously transferred:This is the value specified for the "scale" item in the operating environment file. If the "scale" item has been omitted, use "256"in the calculation.

- *3: Number of system message headers

Use the following formula to calculate the value for MSGTQL.

- 16 -

MSGMNB/10 <= MSGTQL

Note

If MSGTQL is 22252 or less, specify "22252".

- *4: If HICS is used for the protocol, specify a value that is at least double the number of data source definitions. However, there is noneed to specify this item if there are less than 15 data source definitions.

- *5: Specify both "rlim_fd_max" and "rlim_fd_cur". If these items are not set up using system parameters, execute one of the followingcommands before using the Information Integrator start command.

- csh example

# limit descriptors 2816

- sh example

# ulimit -n 2816

- ksh example

# ulimit -n 2816

For Solaris 10

Set the following system parameters for the "system" and "user.root" entries in the "/etc/project" file.

The resource control type for each of the following system parameters is "privileged". Set parameters by adding the recommended valueto the default value or the value that has already been set by the system and by specifying "privileged" for the resource control type.

Table 3.2 IPC parameters for Solaris 10

Item No. Resource control Defaultvalue

Value requiredby Information

Integrator(recommended

value)

Characteristics

(*1)

Meaning

1 project.max-shm-memory 1/4 ofphysicalmemory

1073741824 ormore

Addition

Maximum segment size forshared memory

2 project.max-msg-ids 128 1544 Addition

Number of message queueidentifiers

3 process.max-msg-qbytes 65536 (*2) Maximum

Maximum size of messagesthat can be held in a singlemessage queue.

This parameter is related tothe total number of both theprocess definitions that can beexecuted simultaneously bythe Information IntegratorServer and the transferrequests from commands.

4 process.max-msg-messages 8192 (*3)

(22252 or more)

Addition

Number of system messageheaders.

This parameter is related tothe total number of both theprocess definitions that can be

- 17 -

Item No. Resource control Defaultvalue

Value requiredby Information

Integrator(recommended

value)

Characteristics

(*1)

Meaning

executed simultaneously bythe Information IntegratorServer and the transferrequests from commands.

5 project.max-sem-ids 128 10760 Addition

Number of semaphoreidentifiers

6 process.max-sem-nsems 512 4096 Maximum

Maximum number ofsemaphores per id

7 process.max-file-descriptor 256 2816 Maximum

- *1: For IPC-related parameters, determine the value to be specified for the entire system based on the recommended values andspecified values that are indicated for each software product.

- Addition: Add the recommended/specified values for Information Integrator and for each of software products other thanInformation Integrator to the default values for the system.

- Maximum: Specify the largest value among the default values for the system and the recommended/specified values forInformation Integrator and for each of software products other than Information Integrator.

- *2: Maximum number of bytes for messages (process.max-msg-qbytes)

Use the following formula to calculate the value for process.max-msg-qbytes.

(<number of simultaneous transfer requests to the Information Integration Server> x 64) + (<number of filesthat can be simultaneously transferred by the Information Integration Server> x 380) + 9,216 <= process.max-msg-qbytes

Number of simultaneous transfer requests:This is the sum total of the number of file transfer definitions for the data collection definitions and data delivery definitions withinprocess definitions as well as all of the transfer requests based on the number of commands executed.

Number of files that can be transferred simultaneously:This is the value specified for the "scale" item in the operating environment file. If the "scale" item has been omitted, use "256"in the calculation.

- *3: Number of system message headers

Use the following formula to calculate the value for process.max-msg-messages.

process.max-msg-qbytes/10 <= process.max-msg-messages

Note

If process.max-msg-messages is 22252 or less, specify "22252".

3.2.3.2 For LinuxThe following table shows the system parameters that need to be adjusted and how to set them. The following system parameter valuesare required for the Information Integrator Server to run. For the overall system, you also need to consider the system parameter valuesused by user applications and middleware products other than Information Integrator.

- 18 -

Table 3.3 Linux parametersParameter Entry Default

valueRecommended

valueMeaning Remarks

kernel.shmmax 33554432 1073741824 ormore

Maximum segment size forshared memory (*1)

Maximum

kernel.msgmnb 16384 6273024 Maximum capacity formessage queues

Maximum

kernel.msgmni 16 1544 Number of message queueidentifiers

Addition

kernel.sem semmsl 250 4096 Maximum number ofsemaphores per semaphoreidentifier

Maximum

semmns 32000 36016 Number of semaphoreswithin the system

Addition

semopm 32 256 Number of semaphoresthat can be acquired at once

Maximum

semmni 128 10248 Number of semaphoreidentifiers

Addition

For system parameters other than the ones above, the Information Integration Server will run with the default values for the operatingsystem. When changing system parameters other than the ones above, do not specify values smaller than the default values for the operatingsystem.

3.2.4 Setting Up Environment VariablesSet up the environment variables that are required to operate Information Integrator. This section explains which environment variablesto set, and how to set them.

3.2.4.1 Content of the Environment Variables (Linux)The following table shows the environment variables that need to be set.

Point

- $ORACLE_HOME

"$ORACLE_HOME" is the home directory for Oracle.

For example, if Oracle 10.2 has been installed in "/ora10", a specification example will be as below.

/ora10/app/oracle/product/10.2.0

- $JAVA_HOME

"$JAVA_HOME" refers to the installation directory for the JDK or the JRE.

A specification example is as follows:

/opt/FJSVawjbk/jdk5

Table 3.4 Environment Variable Settings (Linux)

Variable name Description Setting Notes on conditions and values for settings

RDBNAME RDB systemname

RDB system name For the "RDBNAME" environment variable,specify up to eight alphanumeric characters.Values are not case-sensitive. Do not specify an

- 19 -


existing RDB system name. Normally, specify"ifirdb".

Specify "ifirdb" when you do simple setup.

PATH Command searchpath

/opt/FJSVrdb2b/bin

/opt/FJSVifisv/bin

/opt/FJSVifisv/lnk/bin

/opt/FJSVifisv/hscnv/usr/bin

$ORACLE_HOME/bin

Specify this value to use Oracle for databaseextraction and storage.

/opt/FJSVifisv/enabler/bin

Specify this value to perform either of thefollowing operations:

- Extracting and storing Salesforce objects

Path to the Javaexecutionenvironment

$JAVA_HOME/bin Specify this value to perform either of thefollowing operations:

- To perform the following data conversionand editing using Information Integrator

- To convert data in ticket format

- To convert data in XML format

- To convert data that contains variableiterative items


- Collection and delivery BLOB

- Collection and delivery by high-speed filetransfer (*)

JAVA_HOME Java homedirectory

$JAVA_HOME

LD_LIBRARY_PATH

Library searchpath

/opt/FJSVrdb2b/lib

/opt/FJSVifisv/lib

/opt/FJSVifisv/de/lib


/opt/FJSVifisv/hscnv/lib

$ORACLE_HOME/lib Specify this value to use Oracle for databaseextraction and storage.

If Information Integrator runs in a 32-bitenvironment, specify the library path for 32-bitapplications.If Information Integrator runs in a 64-bitenvironment, specify the library path for 64-bitapplications.

The directory thatcontains "libjvm.so"

Specify this value to perform data conversionand editing.

LANG Language ja_JP.UTF-8

ORACLE_HOME Oracle homedirectory

$ORACLE_HOME Specify this value to use Oracle for databaseextraction and storage.

- 20 -


NLS_LANG Language Japanese_Japan.JA16EUC


The value shown to the left is an example forwhen EUC is used as the character encoding forthe database.

CLASSPATH jar fileinstallation path

- /opt/FJSVxmlfl/FJSVxmlflSchemaValidator.jar

- /opt/FJSVfdtsv/lib/F5FCFlsvdicc.jar

- Specify this variable to perform thefollowing data conversion and editing withInformation Integrator.




*) Specify JDK6.0 or JRE6.0.

3.2.4.2 Content of the Environment Variables (Solaris)The following table shows the environment variables that need to be set.

Point

- $ORACLE_HOME

"$ORACLE_HOME" is the home directory for Oracle.

For example, if Oracle 10.2 has been installed in "/ora10", a specification example will be as below.

/ora10/app/oracle/product/10.2.0

- $JAVA_HOME

"$JAVA_HOME" refers to the installation directory for the JDK or the JRE.


/opt/FJSVawjbk/jdk5

Table 3.5 Environment variable settings (Solaris)



RDB system name For the "RDBNAME" environment variable,specify up to eight alphanumeric characters.Values are not case-sensitive. Do not specify anexisting RDB system name. Normally, specify"ifirdb".

Specify "ifirdb" when you do simple setup.

PATH Command searchpath

/opt/FSUNrdb2b/bin

/opt/FJSVifisv/bin


/opt/FJSVifisv/hscnv/usr/bin

- 21 -


$ORACLE_HOME/bin


/opt/FJSVifisv/enabler/bin

Specify this value to perform either of thefollowing operations:


Path to the Javaexecutionenvironment

$JAVA_HOME/bin Specify this value to perform either of thefollowing operations:









$JAVA_HOME

LD_LIBRARY_PATH

Library searchpath

/opt/FSUNrdb2b/lib

/etc/opt/FSUNiconv/lib

/opt/FJSVifisv/lib


/opt/FJSVifisv/hscnv/lib

$ORACLE_HOME/lib Specify this value to use Oracle for databaseextraction and storage. Set the library path for32-bit applications here as well.

The directory thatcontains "libjvm.so"

Specify this value to perform data conversionand editing.

LANG Language - For EUC

ja

- For Shift-JIS

ja_JP.PCK

- For UTF-8

ja_JP.UTF-8

ORACLE_HOME Oracle homedirectory

$ORACLE_HOME Specify this value to use Oracle for databaseextraction and storage.

NLS_LANG Language Japanese_Japan.JA16EUC


The value shown to the left is an example whenEUC is used as the character encoding for thedatabase.

- 22 -



- /opt/FJSVxmlfl/FJSVxmlflSchemaValidator.jar

- /opt/FJSVfdtsv/lib/F5FCFlsvdicc.jar

- Specify this variable to perform thefollowing data conversion and editing withInformation Integrator.





3.2.4.3 Content of the Environment Variables (Windows)The following table shows the environment variables that need to be set.

Point

%JAVA_HOME%

"%JAVA_HOME%" refers to the installation directory for the JDK or the JRE.


C:\Interstage\JDK5

Table 3.6 Environment variable settings (Windows)



RDB system name Specify this value using up to eight alphanumericcharacters. Values are not case-sensitive. Do notspecify an existing RDB system name. Normally,specify "ifirdb".

The RDB System of the database that anotherproduct/user uses on the same System exists, andwhen they use system environment variable"RDBNAME", Specify RDB system name of theInformation Integrator Server for userenvironment variable "RDBNAME". In that case,it is necessary to add the "dbms_name" key to theoperating environment file, and to add as needed"dbms_code" key. Refer to "4.1.1.2 Key Namesand Parameter Values in the OperatingEnvironment File" for details.

"ifirdb" is set to system environment variable"RDBNAME" when you do simple setup. Do notmodify it.

PATH The path to theJava executionenvironment

%JAVA_HOME%\bin

Specify these variables to perform either of thefollowing operations:





%JAVA_HOME%

- 23 -






NLS_LANG Language Japanese_Japan.AL32UTF8

Specify this value to use Oracle for databaseextraction and storage when necessary. The valueshown to the left is an example when UTF8 isused as the character encoding for the database.


- Installationdirectory forFormatmanager\F5FCXMLV\jar\F5FCSchemaValidator.jar

- Installationdirectory forFormatmanager\F5FCflsv\lib\F5FCFlsvdicc.jar

- Specify this variable to perform dataconversion and editing.

- If the Formatmanager that comes bundledwith Information Integrator is used, theinstallation directory for Formatmanager willbe <Information Integrator installationdirectory>\FMSV.


3.2.4.4 How to Set Up Environment VariablesSet up environment variables.

Ensure that the environment variables set up here take effect not only when Information Integrator is installed, but also when variousdefinition operations for Information Integrator are performed, and when the Information Integrator Server is started, stopped and operated.

- For Solaris

A specification example for environment variables is shown below.

RDBNAME=ifirdb ##### defaultexport RDBNAME

PATH=$PATH:/opt/FSUNrdb2b/bin:/opt/FJSVifisv/bin:/opt/FJSVifisv/lnk/bin:/opt/FJSVifisv/hscnv/usr/binexport PATHLD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/FSUNrdb2b/lib:/opt/FJSVifisv/de/lib:/etc/opt/FSUNiconv/lib:/opt/FJSVifisv/lib:/opt/FJSVifisv/lnk/bin:/opt/FJSVifisv/hscnv/libexport LD_LIBRARY_PATHLANG=ja ##### EUC->ja SJIS->ja_JP.PCKexport LANG

- For Linux

A specification example for environment variables is shown below.

RDBNAME=ifirdb ##### defaultexport RDBNAMEPATH=$PATH:/opt/FJSVrdb2b/bin:/opt/FJSVifisv/bin:/opt/FJSVifisv/lnk/bin:/opt/FJSVifisv/hscnv/usr/binexport PATHLD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/FJSVrdb2b/lib:/opt/FJSVifisv/de/lib:/opt/FJSVifisv/lib:/opt/

- 24 -

FJSVifisv/lnk/bin:/opt/FJSVifisv/hscnv/libexport LD_LIBRARY_PATHLANG=ja_JP.UTF-8export LANG

- For Windows Server 2008

Use the following procedure to open the window for registering environment variables, and then enter a value for the "RDBNAME"environment variable.

a. Select Control Panel.

b. Select System.

c. Select Advanced System.

d. Select the Environment Variables button on the Advanced tab.

e. Set values for the system environment variables.

- For Windows Server 2003

Use the following procedure to open the window for registering environment variables, and then enter a value for the "RDBNAME"environment variable.

a. Select Control Panel.

b. Select System.

c. Select the Environment Variables button on the Advanced tab.

d. Set values for the system environment variables.

Note

For Windows, ensure that no command prompts are open while setting the environment variables.

- 25 -

Chapter 4 Setting up an Environment for the ServerThis chapter explains how to create an environment for the Information Integrator Server.

Use the following procedure to create an environment for the Information Integrator Server:

Figure 4.1 Procedure for setting up the server environment

Note

For Windows Server 2008

- If Information Integrator has been installed on the drive where the Windows system has been installed, be sure to use admin rightswhen editing and copying (placing) files.

- To execute commands and batch files, first give admin rights to the execution user. Select Run as administrator when opening thecommand prompt. Refer to the Windows Help and Support Center for information on how to run commands as an administrator.

- 26 -

For UNIX

- Be sure to execute commands and batch files as a superuser.

4.1 Defining the Operating EnvironmentDefine the operating environment for the Information Integrator Server.

Define the operating environment for the Information Integrator Server in the operating environment file and the adapter definition file.

- Operating environment file

Define the operating environment for the Information Integrator Server.

- Adapter definition file

To use the following features, define the operating environment for the Information Integrator Server as necessary:

- Extract and store objects for Salesforce


The operating environment that has been defined will take effect when the Information Integrator Server starts.

4.1.1 Editing the Operating Environment FileUse the following procedure to edit the operating environment file:

1. A sample operating environment file is provided in the following directory during installation:

- For Windows

InformationIntegratorServerInstallDirectory\sample\ifireg.00.ini

- For UNIX

/opt/FJSVifisv/sample/ifireg.00.ini

2. Edit the sample operating environment file according to the operating conditions for the system. To do so, first copy the sampleoperating environment file to an arbitrary folder, and then edit it using a text editor. Before starting the Information Integrator Server,specify common parameter values in the operating environment file for the sequence of collection, conversion, delivery and otherprocesses.

3. Note that samples are not copied when simple setup is used. Directly edit the files shown in step 3.

4. Once editing the operating environment file has been completed, place it in the following directory:

- For Windows

InformationIntegratorServerInstallDirectory\etc\ifireg.00.ini

- For UNIX

/opt/FJSVifisv/etc/ifireg.00.ini

Note

- Before starting the Information Integrator Server, ensure that the file "ifireg.00.ini" exists in the following directory:

- For Windows

InformationIntegratorServerInstallDirectory\etc

- 27 -

- For UNIX

/opt/FJSVifisv/etc

- The Information Integrator Server must be restarted if the parameter settings are changed and enabled while the Information IntegratorServer is running.

- For cluster operations in Windows environments, place the edited operating environment file in the following location:

InformationIntegratorOperationResourcesDir\etc\ifireg.00.ini

Refer to "10.3 Disk Allocation for Operation Resources" for information on disk allocation during cluster operations.

4.1.1.1 Syntax for the Operating Environment FileThe following table shows the syntax for the execution parameters defined in the operating environment file:

Table 4.1 Syntax for the operating environment file

Syntax rules Description

Maximum number ofcharacters per line

No more than 1,022 characters (bytes) (including comments)

Key name Must start from the start of the line.

Parameters for each key name Entered after the equals sign ( = ).

Parameter specification Unless otherwise specified, use the following characters:

- Letters: Uppercase A to Z, lowercase a to z, #, -, @, and _

- Numbers: 0 to 9

- Alphanumeric characters: Letters and numbers

- Japanese: Text made up of double-byte kanji, hiragana, katakana, letters andnumbers

Use the following characters for directory names:

- Alphanumeric characters, spaces, commas ( , ), periods ( . ), parentheses "(" and")", single quotes ( ' ), back slashes ( \ ) and colons ( : ).

Spaces and tabs Any consecutive spaces or tabs before or after the definition labels, key names andparameters will be ignored.

Listing specific parameters Specific parameters can be listed by separating them with commas ( , ).

Comment If a semicolon ( ; ) is entered, the rest of the line is treated as a comment.

If a hash symbol ( # ) is entered, the rest of the line is treated as a comment.

Entering execution parametersover multiple lines

It is not possible to enter a single definition over multiple lines.

4.1.1.2 Key Names and Parameter Values in the Operating Environment FileThe following table shows the key names and parameter values in the operating environment file:

Note

Of the following key names in the operating environment file, "stk_path" and "admuser" cannot be omitted. Be sure to specify these keys.Of the following key names in the operating environment file, "proc_rollback" cannot be omitted when using inputting to the service busof the Service Integrator.

- 28 -

Table 4.2 Key names and parameter values in the operating environment file

Category Key name Description Specification format (*1)(*2) Optional

Keys that relate to the overall system

msglvl Specify the output level for messages.

Note that the setting for this key doesnot take effect for messages that areoutput by utility commands.

Specify the key in the following format:i: Indicates "information". Allmessages will be output.e: Indicates an error. All messages otherthan "INFO" messages will be output.

Default value: i

Yes

admuser Specify the privileged user forInformation Integrator resourceoperations. This user can perform allInformation Integrator operations.The Information Integrator privilegeduser can perform "Lock"" and"Unlock" operations on the definitionsthat have already been acquired byother users.

Specify the user name (using no morethan 20 characters (bytes)).

- For Windows

Specify the local user. (Do notspecify a domain user.) The usermust be a local operating systemuser.

- For UNIX

Specify "root".

No

defuser Specify the users that executedefinition operations using III Studio ordesign sheets.

Users specified in this key canmanipulate the following definitions:

- Reference

- Register

- Acquire

- Cancel acquisition

- Delete

Specify the user name (using no morethan 20 characters (bytes)). ForWindows servers, specify the localuser. (Do not specify a domain user.)The user must be a local operatingsystem user.

Multiple user names can be specifiedby separating them with commas ( , ).

Default value: The InformationIntegrator privileged user

Yes

defreaduser Specify the users that refer todefinitions using III Studio or designsheets.

Users specified in this key can only"reference" the definitions.

If user names specified in the "defuser"key are specified in this key, they canonly "reference" the definitions.

Specify a different user name to the username specified in "defuser".

Specify the user name (using no morethan 20 characters (bytes)). ForWindows servers, specify the localuser. (Do not specify a domain user.)The user must be a local operatingsystem user.

Multiple user names can be specifiedby separating them with commas ( , ).

Yes

logfilesize Specify the maximum size of the filethat stores start/stop logs, definitionoperations logs, and Process Flowexecution logs for InformationIntegrator. The units are in megabytes.

The logs are stored in the followinglocations:

- For Windows

InformationIntegratorServerInstallDirectory\log

Specify a number between 1 and 20.

Default value: 5 (MB)

Yes

- 29 -


- For UNIX

/var/opt/FJSVifisv/LOG

logfilenum Specify the maximum number of filesthat store start/stop logs, definitionoperations logs, and Process Flowexecution logs for InformationIntegrator.

Specify a number between 2 and 50.

Default value: 5

Yes

resettime Specify the day change time.When the time specified here isreached, management ledgers and datawill be deleted according to the valuesspecified for the service status storageperiods and the various data storageperiods.

Specify the hour and minute in thefollowing format:

HH:MM

(HH = a value between 0 and 23, MM=a value between 00 and 59)

Default value: 00:00 (midnight)

Yes

msg_subsinf_type

Specify the display format of additionalinformation in relation to the outputformat of messages.

Specify using the following format:

nrm: Display normal additionalinformation.

add: Display more detailed informationalong with the normal additionalinformation.

Default: nrm

Refer to the Message Guide forinformation on additional information.

Yes

ursc_chk

(*8)

Specify whether resource usemonitoring is to be used.


yes: Used

no: Not used

Default: no

Yes

ursc_chk_rate Specify a monitoring threshold forresource use.

This is valid only when "yes" isspecified in "ursc_chk".

If the resource usage exceeds the valuespecified, a warning is output to theevent log (or syslog on UNIX).

If 0 is specified, a warning is not output.Only the log is output.

Specify using a number.

The following shows the specifiablerange:

0 £ resource monitoring threshold (%)£ 90

Default: 70

Specify a value between 70 and 80.

YesK

eys that relate to processes

recordterm When a process execution request froma user is received, it is stored in themanagement ledger as information.Specify the time period for storing thisinformation as the number of days sincethe process has finished executing.This allows process executioninformation to be looked up even afterthe process has finished executing.Once the time that has elapsed since theprocess finished executing exceeds thestorage period specified by this key,

Specify a number for this key.

The specification range is as follows:

1 £ management ledger storage period£ 31 (days)

Default value: 10

Yes

- 30 -


information will be deleted from themanagement ledger when the daychange time for the system has beenreached.If Information Integrator is not runningat the day change time, any processinformation for which the specifiedperiod has passed will be deleted nexttime Information Integrator starts.

exctterm Specify the storage period for theinformation that accumulates in thelocal DataBox, using either the numberof days that have elapsed since data wastransmitted for delivery destinationsystems or the number of days that haveelapsed since data was extracted forcollection source systems.

Once the storage period has passed,files will be deleted when the daychange time for the system has beenreached.If Information Integrator is not runningat the day change time, any files forwhich the specified period has passedwill be deleted next time InformationIntegrator starts.This key is effective for both sent filesand received files.



1 £ extracted data storage period £ 31(days)

Default value: 10

Yes

procrecvnum Specify the maximum number ofconcurrent processes that can beaccepted.



1 £ maximum reception concurrencyof processes £ 9999

Default value: 256

Yes

trnexecnum Specify the maximum number of datacollection, data delivery and plug-inProcess Functions that can executesimultaneously.

Refer to the System Design Guide forinformation on designing thesimultaneous execution concurrencylevel for the data collection, datadelivery, and plug-in ProcessFunctions.



1 £ maximum execution concurrencyof transfer Process Functions £ 512

Default value: 20

Yes

cnvexecnum Specify the maximum number ofconversion and data filtering ProcessFunctions that can executesimultaneously.

Refer to the System Design Guide forinformation on designing thesimultaneous execution concurrencylevel for the data conversion ProcessFunctions.



1 £ maximum execution concurrencyof conversion Process Functions £ 512

Default value: 20

Yes

- 31 -


workdir Specify the work directory required forthe process to execute. For the directoryspecified for this key, allocate enoughdisk space to temporarily store all of theinput data that is handled whenprocesses execute simultaneously.

When this key is specified, the usermust create the directory beforehandand give rights for reading, writing, andexecuting to the Information IntegratorServer startup user and group.

Specify the absolute path to thedirectory, using no more than 80characters (bytes):

Default value:

- For Windows

InformationIntegratorServerInstallDirectory\temp

- For UNIX

/opt/FJSVifisv/temp

Note

The files and directories in thisdirectory will be deleted whenInformation Integrator Server isstarted. Do not put user resources in thisdirectory.

Yes

stk_path This is the area for storing data that ismanaged using generations.The user must create this directory inadvance, and grant read, write andexecution rights to the startup users andgroups for the Information IntegratorServer.For the directory specified for this key,allocate enough disk space to store datafor the number of days specified for the"exctterm" key.

Specify the absolute path to thedirectory, using no more than 128characters.Be sure to specify this key, as it cannotbe omitted.

No

systemname If the following operations are beingperformed on the local system, specifya name for identifying the IP address ofthe local system:

- Using an active/standby clustersystem

- Using two or more LAN boards

- Using either HTTP or HTTPS,HISPD, or SAN for thecommunication protocol(s)

Specify the following names using upto 31 alphanumeric characters (bytes):

- Operations involving clustersystems: The host name thatcorresponds to the takeover IPaddress

- Operations that use two or moreLAN boards: The host name thatcorresponds to the LAN board (IPaddress) used for file transfer

- Operation with HTTP, HTTPS orHISPD: A host name identifyingthe local system

- Operations that use SAN: The localsystem name that was specifiedusing the initialization utility forXL DATA/MV (KJUAFMT). Inthis case only, specify the nameusing up to 15 alphanumericcharacters (bytes).

Yes

- 32 -


Note that the value specified for thiskey must have been defined as a hostname in the hosts file.

Default value: The active IP address

sch_workingtime

The times to execute the schedule forprocesses that execute repeatedly atregular intervals and processes thatexecute event monitoring can be set upin advance.

For example, set this key in situationssuch as when Information Integratorhas a process that executes every 60minutes and a process for executingcollection monitoring, and bothprocesses are to be set to start executingbetween 9:00 AM and 5:00 PM.

Specify the starting time and finishingtime in the following format:

HH:MM-hh:mm

"HH:MM" indicates the starting time.

"hh:mm" indicates the finishing time.

If the value specified for the startingtime is earlier than the finishing time,this indicates that the finishing time isfor the following day.

(Both HH and hh indicate the hour(between 00 and 23) and MM and mmindicate the minute (between 00 and59).)

Default value: No restriction on theschedule execution time span(processes can be executed at any time)

Yes

optsync If there are multiple delivery processeswithin a Process Flow, specify whetherto coordinate the starts of the deliveryprocesses.

This parameter is only valid for ProcessFlows without recovery points.

Specify the key in the following format:

yes: Coordinates starts.

no: Does not coordinate starts.

Default value: no

Yes

procgrp_userctl

Specify this key to operate InformationIntegrator by determining which usersperform operations for each processgroup.

Use the ifiuserctl command (userprivilege manipulation command) toset up the users that perform operationsfor each process group. Refer to theCommand Reference for details.


yes: Controls which users can use eachprocess group.

no: Does not perform user control foreach process group.

Default value: yes

Yes

monitordir Specify the directory to be monitored inevent monitoring (when a directory ismonitored).

When this key is specified, the usermust create the directory beforehandand give rights for reading, writing, andexecuting to the Information IntegratorServer startup user and group.

Specify a directory name using anabsolute path within 128 characters(bytes).

Event monitoring (when a directory ismonitored) is not performed if this isnot specified.

Yes

monitorexcept Specify how files that are not to bemonitored should be treated in eventmonitoring (when a directory ismonitored).

This parameter is valid only when"monitordir" is specified.


del: Deletes the files.

move: Files backed up to the backupdirectory.

Default: del

Yes

- 33 -


Point

The file name after backing up is theoriginal file name (the file namegenerated in the monitored directory)with the date and a serial numberappended. This means that the files canbe distinguished even if multiple fileswith the same name exist.

$

{fileName}_YYYYMMDDhhmmssnn

nnnnnnn

File name: Original file name

YYYYMMDDhhmmss: executiondate and time

nnnnnnnnn: A serial number starting at000000001

monitorbackupdir

Specify the backup directory for filesthat are not to be monitored in eventmonitoring (when a directory ismonitored).

This parameter is valid only when"move" is specified in"monitorexcept".

The backup directory for files not to bemonitored is created in the monitoreddirectory.

Specify using no more than 16alphanumeric characters:

Default: .BakUpDir

Yes

proc_rollback When a Process Flow execution ends inan error, specify the way that data inthis Process Flow is rolled back.

When a Process Flow ends in an error,it is possible to match the response tothe operation, for example by re-executing the Process Flow with datathat has been restored.


none: Do not restore data. The status ofthe data in the Process Flow is the statuswhen the Process Flow ended in anerror.

in: The status of data for a collectionProcess Function is returned to"Stored". However, if the erroroccurred in a deliver Process Function,the data for the collection ProcessFunction is not restored, but rather thedata for the deliver Process Function isreturned to "Stored". If the ServiceIntegrator input to the service bus is tobe used as the data collection ProcessFunction of the Process Flow, this valuemust be specified as "in".

exct: All of the data for this ProcessFlow will be given the status"Extracted". This is applied only to thestatuses of data from Process Functionsthat ended in an error. The status of data

Yes

- 34 -


of Process Functions whose status iseither retrying or aborted will become"Stored".

Default: none

tmpdboxdel

(*7)

Specify the trigger for deleting thetemporary DataBox.

Yes

tmpdboxdelterm

Specify the conditions for deleting intemporary DataBox processexecutions.

This is valid only when "proc" isspecified in "tmpdboxdel".


any: Deleted every time.

normal: Deleted only when the processends normally.

Default: any

Yes

procmsg Specify whether messages and logs areoutput at the start and end of processexecutions.

The log is stored in the followinglocation:

- For Windows

InformationIntegratorServerInstallDirectory\log

- For UNIX

/var/opt/FJSVifisv/LOG


yes: Output.

no: Not output.

Default: yes

Yes

Keys that relate to the R

DB

system

dbms_name

(*9)

Specify the Symfoware Serverdatabase and system name (RDBsystem name).

Specify when a database/system nameseparate to environment variableRDBNAME is to be used.

Note that either environment variableRDBNAME or this key must bespecified.

Specify using no more than 8alphanumeric characters.

- For Windows

Not case sensitive.

- For UNIX

Case sensitive.

Default: Follows user environmentvariable "RDBNAME".

Yes

dbms_code Specify the Symfoware Server locale.

Specify if the locale specified whenInformation Integrator Server wasinstalled is different to the locale on theSymfoware Server.


- SJIS: Shift-JIS.

- EUC_S90: EUC (S90).

- UNICODE: Unicode.

Default:

- For Windows

SJIS

- For UNIX

Locale specified when InformationIntegrator Server was installed.

Yes

- 35 -


Keys that relate to file transfer

scale

(*3)

Specify the maximum multiplicity offile transfer for the local system.



1 £ maximum number of files that canbe transferred simultaneously £ 256

Default value: 256

Yes

dport

(*3)

Specify the source port number forrequests to establish data connectionswhen FTP is used for thecommunication protocol(s) and thelocal system acts as the responder side.



20, 1024 £ data connection portnumber £ 65535

The value specified for this key isinvalid if "PASV" has been specified asthe connection mode for dataconnections.

Default value: An indeterminate valuethat is 1024 or greater

Yes

proxy_url

(*3)(*5)

Specify this key when HTTP or HTTPSis used for the communicationprotocol(s) and a proxy server is used.

Specify the name of the proxy serverusing URL notation.

Specify this key using up to 120alphanumeric characters (bytes).

The syntax is as below (RFC1738).

hostName.domainName:portNumber

Default value: Does not use a proxyserver

Yes

no_proxy_domain

(*3)(*5)

Specify the domain name part whenthere is a remote system that the serverconnects to without going through aproxy server in a network configurationthat uses proxy servers.


To specify multiple domain names,separate domain name parts usingcolons ( : ).

Default value: Routes all HTTP orHTTPS connections via proxy servers

Yes

encryption

(*10)

Specify whether to do the encryptioncommunication when HISPD is usedfor the communication protocol.This key becomes effective only at theresponder operation. Moreover,Specify the same value with initiatorand responder.


yes: Encrypted

no: Not encrypted

Default: no

Yes

linemargin Specify whether to secure emptybandwidth that can be used besides thiscommunication when HISPD is usedfor the communication protocol.

Empty bandwidth of communicationsother than HISPD can be secured byspecifying the line availability ofHISPD, and installing the upper boundin use bandwidth of HISPD.

Specify the value of less than 100 whenyou secure empty bandwidth other thanthis communication.



1 £ network bandwidth usage rate £100 (%)

Default: 80

Yes

- 36 -


maximumspeed

Specify maximum bandwidth that canbe used between communicationservers when HISPD is used for thecommunication protocol.

Maximum bandwidth of an actualHISPD communication becomes theone that a specified value

of "linemargin" key was multiplied bythis specification of key value.

This key does not guarantee the speedof the communication. It is not becausethe transmission rate of maximumbandwidth that can be used is securedwithout fail.



1 £ bandwidth £ 500 (Mbps)

Default: 100

Yes

recvtime

(*3)

Specify a value between 0 and 60 forthe monitoring time (in minutes)between sending a request to a remotesystem and receiving the response tothat request.



0 £ monitoring time for the remotesystem £ 60 (minutes)

Default value: 3

Yes

Keys that relate to object extraction and storage

proxy_url

(*5)

Specify this key if a proxy server is tobe used. Specify the name of the proxyserver in URL notation.


The syntax is as below (RFC1738).

hostName.domainName:portNumberDefault value: Does not use a proxyserver

Yes

no_proxy_domain

(*5)

Specify the domain name part whenthere is a remote system that the serverconnects to without going through aproxy server in a network configurationthat uses proxy servers.


To specify multiple domain names,separate domain name parts usingcolons ( : ).

Default value: Routes all HTTPconnections via proxy servers

Yes

Keys that relate to B

LO

B collection and delivery

proxy_url

(*5)

Specify when using a proxy. Specifythe proxy server name using a URL.

Specify a string of no more than 120alphanumeric characters.

The syntax is as follows (RFC1738):

hostName.domainName:portNumberDefault: Proxy server not used

Yes

no_proxy_domain

(*5)

In a network configuration that uses aproxy, specify the domain name part ofthe remote system if it is to beconnected without passing through theproxy.

Specify a string of no more than 255alphanumeric characters.

When multiple domain names are to bespecified, separate each domain namewith a colon ( : ).

Default: All HTTP passed through aproxy

Yes

- 37 -


Keys that relate to data conversion

errdatamode

(*4)

Specify whether to output data to a fileif an error occurs with that data duringdata conversion.


yes: Outputs the data to a file.

no: Does not output the data to a file.

Default value: yes

Yes

errmax Specify the maximum number of errordata items to be output. Processing willbe interrupted when the number of errordata items reaches the maximum limitspecified by this key.

Specify a value within the followingrange:

1 £ maximum number of error dataitems to be output £ 2147483647

Default value: 1000

Yes

Keys that relate to process plug-ins

plglog_putmsg

Specify the trigger for outputting theInformation Integrator process plug-inlog to a message (*6).

This log consists of information fromthe standard output and standard erroroutput as designed in the application tobe output to character strings when theprocess plug-in (when implemented towait for something to end) is executed,with that character string displayable inthe Operation Management Client oroutput to be included in messages whenthere is an error.


error: Output when a plug-in ends withan error.

any: Output whenever a plug-in is run,whether the result is normal or an error.

none: Not output.

Default: error

Yes

- 38 -


Keys that relate to the

Information Integrator Server

gen_oschk_lv OS specific checks are performed onthe Information Integrator Server whendefinitions are manipulated with the IIIStudio or a design sheet. Specify thelevel with this key.Note that this key should be specifiedonly when using the InformationIntegrator Server and the III Agenttogether. In any other case, do notspecify.

Specify using a number.

1: Checks are performed if differentoperating systems are used on theInformation Integrator Server and atleast one of the III Agents, and at leastone is using Windows.

0: Checks not performed.

Default value: 0

Yes

*1: For cluster operations, some resources need to be placed on the shared disk. Refer to "10.3 Disk Allocation for OperationResources" for details.

*2: If a value that does not match the specification format is specified for a key that is optional, Information Integrator will run usingthe default value.

*3: This key does not need to be specified if HULFT is used for the communication protocol(s). The value specified will not be appliedeven if this key is specified.

*4: This definition element is used during data conversion.

*5: The "proxy_url" and "no_proxy_domain" keys affect the following:File send and receive- Object extraction and storing- BLOB collection and delivery

*6: Output to messages with the ID "IF13305" or "IF23305".

*7: The data treated as a temporary DataBox and the management ledgers are deleted at regular intervals. The delete trigger is the daychange time and the data is that which has been processed at least one day before.If "tmpdboxdel" is not specified or if "proc" is specified, the data managed in the temporary DataBox (*1) is deleted, but the deletionof the data management information is deleted regularly at the day change time (*2). This can be viewed in the following ways:- Data number properties in the Operation Management Client- Specify -d parameter with the ifidisp command*1: This is managed in the directory specified in "stk_path".*2: The time specified in "resettime".Note that the following functionality will not be available with temporary DataBoxes whose data has been deleted:- Download from the data number properties in the Operation Management Client- Data extraction with the ifirexct command

*8: The resource use of the Information Integrator Server is automatically monitored between the time the Information IntegratorServer has completed starting up and the time it is stopped. Note that resources indicate the "management area of the InformationIntegrator Server". Refer to "4.2.4 Creating a Management Area" for information on the management area.Refer to the Operation Guide for information on using the resource use monitoring feature.

*9: Do not change this value if simple setup was used. It is possible to make the following values smaller, however:- recordterm- exctterm- procrecvnum- trnexecnum- cnvexecnum

*10: There is a possibility that the performance falls by the encryption processing.

4.1.1.3 Specification Examples for the Operating Environment FileSpecification examples for the operating environment file are shown below.

- For Windows

- 39 -


msglvl=i

admuser=administrator

logfilesize=5

logfilenum=5

resettime=00:00

recordterm=10

exctterm=10

procrecvnum=256

trnexecnum=20

cnvexecnum=20

stk_path= c:\iii_stk_path

optsync=no

scale=256

recvtime=3

errdatamode=yes

errmax=1000

procgrp_userctl=yes

- For UNIX


msglvl=i

admuser=root

logfilesize=5

logfilenum=5

resettime=00:00

recordterm=10

exctterm=10

procrecvnum=256

trnexecnum=20

cnvexecnum=20

stk_path=/iii_stk_path

optsync=no

scale=256

recvtime=3

errdatamode=yes

errmax=1000

procgrp_userctl=yes

4.1.2 Editing the Adapter Definition FileUse the procedure below to edit the adapter definition file.

Note

Information Integrator Server must be restarted if the parameter settings are changed and enabled while the Information Integrator Serveris running.

Windows

1. An adapter definition file is provided in the following directory during installation:

InformationIntegratorServerInstallDirectory\etc\ifiadpt.ini

2. Edit the adapter definition file as necessary.

- 40 -

UNIX

1. An adapter definition file is provided in the following directory during installation:

/opt/FJSVifisv/etc/ifiadpt.ini

2. Edit the adapter definition file as necessary.

4.1.2.1 Syntax for the Adapter Definition FileThe syntax for the execution parameters defined in the adapter definition file is shown below.

#<comment>

[definitionLabel]

{keyName =} {specificKeyParameter}

{keyName =} {specificKeyParameter}{, specificKeyParameter}

- Parameters enclosed in braces {} are optional.

- If a key name has been omitted, you cannot specify the specific parameters for that key.

- Each key can be specified only once within each label.

- The specific parameters can be specified in parallel (separated by commas), but only for keys that allow parallel specifications.

- Use the same character encoding as is used for the LANG setting for the operating system.

Follow the rules below when specifying the content of this file:

Table 4.3 Syntax rules for the adapter definition file



No more than 1,023 bytes (including comments).

Definition labels Start the specification from the start of the line, and enclose the label name in squarebrackets [ ].

Label name: CRTADADP

A "section" is a part of the definition file that starts with the line containing adefinition label and ends with either the line before the next definition label (if thereis another definition label after the current definition label) or the last line of the file(if the current definition label is the last definition label).


Parameters for each key Entered after the equals sign ( = ).

Parameter specification Use the following characters:


- Numbers: 0 to 9

- Alphanumeric characters: Letters and numbers

- Japanese: Text made up of double-byte kanji, hiragana, katakana, letters andnumbers

Spaces and tabs Any consecutive spaces or tabs before or after the definition labels, key names andparameters will be ignored.

Listing specific parameters Specific parameters can be listed by separating them with commas ( , ).

Comment If a hash symbol ( # ) is entered, the rest of the line is treated as a comment.

- 41 -


Lines that start with the hash symbol ( # ) are treated as comments, but hash symbolsare treated as normal characters if they appear anywhere other than the first characterof a line.

Entering execution parametersover multiple lines

It is not possible to enter a single definition over multiple lines.

4.1.2.2 Key Names and Parameter Values in the Adapter Definition FileThe following indicates the key names and parameter values in the adapter definition file, as used with the different Process Functions.Make the settings for each of the Process Functions used.

- When extracting or storing a Salesforce object

Refer to "4.1.2.2.1 When Extracting or Storing a Salesforce Object".

- When collecting or delivering BLOB

Refer to "4.1.2.2.3 When Collecting or Delivering BLOB".

- When high-speed file transfer

Refer to "4.1.2.2.4 When high-speed file transfer".

4.1.2.2.1 When Extracting or Storing a Salesforce Object Table 4.4 When extracting or storing a Salesforce object

Key name Description Specified format Requirement

name Specify the name of thetargets of data collectionand data delivery.


sfdc

Required

reqmulti Specify the concurrencyfor targets of datacollection and datadelivery.


Default value: 20

Optional

4.1.2.2.2 When Extracting or Storing a Salesforce Object Table 4.5 When extracting or storing a Salesforce object




sfdc

Required



Default value: 20

Optional

4.1.2.2.3 When Collecting or Delivering BLOB Table 4.6 When collecting or delivering BLOB




azr

Required

- 42 -




Default value: 20

Optional

4.1.2.2.4 When high-speed file transfer Table 4.7 When high-speed file transfer


name Specify the name of thetargets of data collectionor data delivery.


hsft

Required

reqmulti Specify the concurrencyfor targets of datacollection or datadelivery as initiator.

Specify the number of simultaneous high-speed filetransfer as initiator.


Default value: 20

Optional

indmulti Specify the concurrencyfor targets of datacollection or datadelivery as responder.

Specify the number of simultaneous high-speed filetransfer as responder.


A necessary resource is secured at least for the operationas responder, and the number of concurrencymultiplicity operates as one when 0 is specified.

Default value: 20

Optional

4.1.2.3 Specification Example for the Adapter Definition FileSpecification examples for the adapter definition file are shown below.

The following example shows how to specify Salesforce objects as data collection and data delivery targets:


[CRTADADP]

name=sfdc

reqmulti=20

#[CRTADADP]

#name=lc

#reqmulti=20

#[CRTADADP]

#name=azr

#reqmulti=20

#[CRTADADP]

#name=isi

#reqmulti=20

- 43 -

4.2 Creating a Management AreaCreate an area (hereafter referred to as the "management area") for managing information about the data and processes to be operated bythe Information Integrator Server.

4.2.1 Creating Raw Devices [UNIX Only]For UNIX, raw devices are required to create a management area. A raw device is unnecessary if the management area is to be created inthe file system. However, when operating in a cluster system, you must have 6 raw devices prepared and create the management area inthese raw devices.

Table 4.8 Required raw devices

Usage Remarks

Area for creating dictionaries for Symfoware Server Required

Area for creating temporary logs for Symfoware Server Required

Area required to store management information forprocesses

Required

Area required to manage Process Functions Required

Area required to store management information for data Required

Area for creating directories for Symfoware Server Only required for clustersystems

Estimate the space required for each area, and then allocate approximately 10% extra space as a buffer. Refer to "4.2.3 Creating Scripts"for information on how to estimate the space required for each area.

4.2.1.1 For Solaris- Do not specify cylinder 0 when creating raw devices.

- Do not use slice 2 as a raw device as it represents the entire disk.

- Do not use raw devices that have been created using the "format" utility. Do not create links to raw devices.

- To use multipath disks or PRIMECLUSTER GDS, use the character special file name created by the multipath disk control orPRIMECLUSTER GDS. Do not create links to these character special file names.

- When partitions are carved out using operating system utilities, the size specified with the utility may differ slightly from the size thatis actually carved out. Similarly, if multiple partitions are carved out, the actual size of each partition that is carved out may varyslightly even if the same size is specified for each partition with the operating system utility. For this reason, use an operating systemutility to check the actual size of the partitions that have been carved out.

4.2.1.2 For LinuxCreate raw devices by carving out partitions of the requisite sizes from the disk. Raw devices can be used by setting up symbolic links toblock devices. If PRIMECLUSTER GDS is used, GDS block devices will be used directly. The procedure for creating raw devices is asfollows:

1. Use the following features to create a partition or volume:

- The parted command of the operating system

- PRIMECLUSTER GDS

If PRIMECLUSTER GDS is used, this completes the creation of the raw device.

Perform the following steps if PRIMECLUSTER GDS is not used.

- 44 -

2. Identify the udev block device name corresponding to the partition on the disk.

The udev block devices have a "by-id" name and a "by-path" name, and which device name is used depends on the disk device thatthe Information Integrator Server is connected to. It is recommended that you create a table indicating the correspondences betweenthe udev block devices that have been identified and the disk partitions.

- To create raw devices on ETERNUS disks:

Use the "by-id" name.

- To create raw devices on non-ETERNUS disks:

Use the "by-path" name.

Example

The following example shows how to identify the udev block device names for a non-ETERNUS disk (/dev/sda5). Note that theudev block device name for "/dev/sda5" is "/dev/disk/by-path/pci-0000:00:10.0-scsi-0:0:0:0-part5".

$ cd /dev/disk/by-path

$ ls -l

lrwxrwxrwx 1 root root 9 December 17 10:42 pci-0000:00:10.0-scsi-0:0:0:0 -> ../../sda

lrwxrwxrwx 1 root root 10 December 17 10:42 pci-0000:00:10.0-scsi-0:0:0:0-part1 -> ../../sda1







3. Create a symbolic link to the udev block deviceFirst create a directory called "/dev_symfoware" and then create a symbolic link that points to "/dev_symfoware".For access rights to the "/dev_symfoware" directory, use the chown command and the chmod command to set up access rights sothat superusers and the users that belong to the group that was specified during installation can access this directory.

Example

The following example shows how to create a symbolic link ("raw1") to the udev block device (/dev/disk/by-path/pci-0000:00:10.0-scsi-0:0:0:0-part5). Note that "/dev_symfoware/raw1" is referred to as the raw device name:

$ cd /dev_symfoware

$ ln -s /dev/disk/by-path/pci-0000:00:10.0-scsi-0:0:0:0-part5 raw1

$ ls -l

lrwxrwxrwx 1 root root 10 December 17 10:42 raw1 -> pci-0000:00:10.0-scsi-0:0:0:0-part5

There is no need to initialize raw devices.

Note

When partitions are carved out using operating system utilities, the size specified with the utility may differ slightly from the size that isactually carved out. Similarly, if multiple partitions are carved out, the actual size of each partition that is carved out may vary slightlyeven if the same size is specified for each partition with the operating system utility. For this reason, use an operating system utility tocheck the actual size of the partitions that have been carved out.

For information on the parted command, udev, the chown command and the chmod command, refer to the documentation provided bythe vendor of the system being used.

- 45 -

Refer to the PRIMECLUSTER GDS manual for information on PRIMECLUSTER GDS.

Setting up access rights

This section explains how to set up access rights.

- When PRIMECLUSTER GD is used

Set up access rights by referring the PRIMECLUSTER GDS manual.

- When PRIMECLUSTER GD is not used

Enter setup rules for the access rights to the raw disk.

Enter the setup rules by creating "/etc/udev/rules.d/99-ifidb.rules".

Create separate rules for each raw device.

- To set up rules for ETERNUS disks

The following example shows how to set up access rights (owner: root; group: ifi; access rights: 0660) for "/dev/disk/by-id/scsi-SFUJITSU_MAN3367MC_UFD8P2602PTJ-part1":

KERNEL=="*[1]", ENV{ID_BUS}=="scsi",ENV{ID_SERIAL}=="SFUJITSU_MAN3367MC_UFD8P2602PTJ", OWNER="root", GROUP="ifi",MODE="0660"

- To set up rules for non-ETERNUS disks

The following example shows how to set up access rights (owner: root; group: ifi; access rights: 0660) for "/dev/disk/by-path/pci-0000:00:10.0-scsi-0:0:0:0-part5":

KERNEL=="*[5]",ENV{ID_PATH}=="pci-0000:00:10.0-scsi-0:0:0:0",OWNER="root",GROUP="ifi",MODE="0660"

Refer to the documentation provided by the vendor of the system being used for information on udev.

4.2.2 Editing the Tuning Parameter FileEstimate the size of the management area required for the Information Integrator Server.

Use the tuning parameter file to define the information required to create a management area.

For Windows

1. A sample tuning parameter file is provided in the following directory:

InformationIntegratorServerInstallDirectory\sample\ifimksdef.ini

2. Copy the sample file to any directory (such as "C:\III") and then edit it.

C:\III\ifimksdef.ini

For UNIX

1. A sample tuning parameter file is provided in the following directory:

/opt/FJSVifisv/sample/ifimksdef.ini

2. Copy the sample file to any directory (such as "/III") and then edit it.

- 46 -

/III/ifimksdef.ini

4.2.2.1 Elements in the Calculation of Tuning Parameter ValuesTuning parameter values are influenced by such elements as the amount of data in the Information Integrator Server. There are two typesof tuning parameter; those related to processes during operation and those related to data.

4.2.2.2 Syntax for the Tuning Parameter FileThe following table shows the syntax for the execution parameters defined in the tuning parameter file:

Table 4.9 Syntax for the tuning parameter file



No more than 1,022 characters (bytes) (including comments).


Parameters for each key name Entered after the equals sign ("=").

Parameter specification Unless otherwise specified, use the following characters:


- Numbers: 0 to 9

- Other symbols: / : \ . $

Do not use Japanese text or spaces in directory names.

Spaces and tabs Any consecutive spaces or tabs before or after key names and parameters will beignored.

Comment If a semicolon ( ; ) is entered, the rest of the line is treated as a comment.

If a hash symbol ( # ) is entered, the rest of the line is treated as a comment.

4.2.2.3 Key Names and Parameter Values in the Tuning Parameter FileThe following table shows the key names and parameter values in the tuning parameter file:

Point

Design the system with future expansion in mind

It is necessary to set values in the tuning parameter file to take into account future expansion according to the system design. If there isinsufficient allowance for expansion during the design phase, the management area will need to be expanded each time a job is added.

For Windows

- 47 -

Table 4.10 Tuning parameter fileKey name Description Specification format Optional? Related key

in theoperating

environmentfile

SYSTEM.osThis is the operating system type for theserver. Do not change the value in thesample file.

-No -

SYSTEM.output_dir

Enter the name of the directory wherethe scripts for creating a managementarea will be output.

Specify the absolute path to thedirectory, using no more than 128characters (bytes). Create this directorybeforehand.

No -

ESTIMATE.retent_period

Specify the number of days to storeexecution information for processes.

Use the operating environment file tospecify the timing of when data isactually deleted.Specify a value that is at least as largeas the value specified for the"recordterm" item in the operatingenvironment file.

Specify a number for this key.1 to 31 (Units: Days)Default value: 31

Yes recordterm

ESTIMATE.data_retent_period

Specify information about extracteddata and the number of days to store thedata in DataBoxes.Use the operating environment file tospecify the timing of when data isactually deleted.Specify a value that is at least as largeas the value specified for the "exctterm"item in the operating environment file.


Yes exctterm

ESTIMATE.prc_in_day

Specify the number of times processesare executed per day. Specify a valuethat is greater than the total number oftimes processes are executed during theretention period for process executioninformation(ESTIMATE.retent_period) dividedby the number of days in the retentionperiod for process executioninformation.

Specify a number for this key.1 to 10000 (Units: Times per day)Default value: 1000

Yes -

ESTIMATE.func_in_day

Specify the number of times ProcessFunctions are executed per day. Specify a value that is greater than thetotal number of times ProcessFunctions are executed during theretention period for process executioninformation(ESTIMATE.retent_period) dividedby the number of days in the retentionperiod for process executioninformation.


Yes -

- 48 -

Key name Description Specification format Optional? Related keyin the

operatingenvironment

file

ESTIMATE.indtran_in_day

Specify the number of times files aresent (as responder) per day.

Specify a value that is greater than thetotal number of times that files aretransferred (as responder) during theretention period for process executioninformation(ESTIMATE.retent_period) dividedby the number of days in the retentionperiod for process executioninformation.Specify "1" if file transfer is not to beinitiated as responder.


Yes -

ESTIMATE.data_in_day

Specify the number of data itemshandled per day.

Specify a value that is greater than thetotal of the below items that are dealtwith in the retention period forextracted data information and dataretained in the DataBox(ESTIMATE.data_retent_period),divided by the expiry date of theDataBox store information.

- Number of Process Functions

- Number of times that files will bestored with the data store command(ifirstor command)Refer to the Command Referencefor information on the data storecommand (ifirstor command).

The number of addressees when filesare sent (as initiator) and "broadcastdelivery" is performed where the samedata is delivered to multiple deliverydestination systems.

Specify a number for this key.1 to 220000 (Units: Data items per day)Default value: 5000

Yes -

ESTIMATE.bundle_data

Specify the number of data itemsprocessed by a single Process Function.Obtain the maximum number of inputand output files for each type of ProcessFunction, and specify a value greaterthan that.The following describes how to obtainthe maximum number of input andoutput files for each type of ProcessFunction.

- For data filtering ProcessFunctions: the number of filters +1

Specify a number for this key.1 to 10000 (Units: Data items per ProcessFunction)Default value: 100

Yes -

- 49 -



file

For Process Functions other than theabove: preceding Process Functions +1

ESTIMATE.databox

Specify the total number of DataBoxes.

Specify a value greater than the valueobtain by adding the following value tothe number of Process Functions.

- Number of DataBoxes that willstore files with the data storecommand (ifirstor command)Refer to the Command Referencefor information on the data storecommand (ifirstor command).


Specify a number for this key.1 to 200000 (Units: Number ofDataBoxes)Default value: 5000

Yes -

ESTIMATE.prc_multi

Specify the maximum number ofprocesses that can executesimultaneously.Specify a value that is at least as largeas the value specified for the"procexecnum" item in the operatingenvironment file.

Specify a number for this key.1 to 20Default value: 20

Yes

DBMS.name

This is the database system name forSymfoware Server.

Specify the system name (such as"ifirdb") specified by the"RDBNAME" environment variable.

Refer to "3.2.4 Setting Up EnvironmentVariables" for information on how toset up the RDBNAME environmentvariable.

- No -

DBMS.resourceThis is the resource type for thedatabase. Do not change the value inthe sample file.

-No -

DBMS.dir

Specify the area where the followingresources related to the database will becreated:

- Area for creating dictionaries forSymfoware Server

- Area for creating directories andfiles for Symfoware Server

- Area for creating temporary logsfor Symfoware Server

Specify the absolute path to thedirectory, using no more than 115characters (bytes). Create this directorybeforehand.

No -

- 50 -



file

- Area required to store managementinformation for processes

- Area required to manage ProcessFunctions

- Area required to store managementinformation for data

Note: For cluster operations, some resources need to be placed on the shared disk. Refer to "10.3 Disk Allocation for OperationResources" for details.

For UNIX

Table 4.11 Tuning parameter file



file

SYSTEM.osThis is the operating system type for theserver. Do not change the value in thesample file.

-No -

SYSTEM.output_dirEnter the name of the directory wherethe scripts for creating a managementarea will be output.

Specify the absolute path to the directory,using no more than 128 characters (bytes).Create this directory beforehand.

No -

ESTIMATE.retent_period

Specify the number of days to storeexecution information for processes.Use the operating environment file tospecify the timing of when data isactually deleted.Specify a value that is at least as largeas the value specified for the"recordterm" item in the operatingenvironment file.


Yes recordterm

ESTIMATE.data_retent_period

Specify information about extracteddata and the number of days to store thedata in DataBoxes.Use the operating environment file tospecify the timing of when data isactually deleted.Specify a value that is at least as largeas the value specified for the "exctterm"item in the operating environment file.


Yes exctterm

ESTIMATE.prc_in_day

Specify the number of times processesare executed per day. Specify a valuethat is greater than the total number oftimes processes are executed during theretention period for process executioninformation(ESTIMATE.retent_period) divided


Yes -

- 51 -



file

by the number of days in the retentionperiod for process executioninformation.

ESTIMATE.func_in_day

Specify the number of times ProcessFunctions are executed per day. Specify a value that is greater than thetotal number of times ProcessFunctions are executed during theretention period for process executioninformation(ESTIMATE.retent_period) dividedby the number of days in the retentionperiod for process executioninformation.


Yes -

ESTIMATE.indtran_in_day

Specify the number of times files aresent (as responder) per day.

Specify a value that is greater than thetotal number of times that files aretransferred (as responder) during theretention period for process executioninformation(ESTIMATE.retent_period) dividedby the number of days in the retentionperiod for process executioninformation.Specify "1" if file transfer is not to beinitiated as responder.


Yes -

ESTIMATE.data_in_day

Specify the number of data itemshandled per day.

Specify a value that is greater than thetotal of the below items that are dealtwith in the retention period forextracted data information and dataretained in the DataBox(ESTIMATE.data_retent_period),divided by the expiry date of theDataBox store information.

- Number of Process Functions

- Number of times that files will bestored with the data store command(ifirstor command)Refer to the Command Referencefor information on the data storecommand (ifirstor command).

The number of addressees when filesare sent (as initiator) and "broadcastdelivery" is performed where the same

Specify a number for this key.1 to 220000 (Units: Data items per day)Default value: 5000

Yes -

- 52 -



file

data is delivered to multiple deliverydestination systems.

ESTIMATE.bundle_data

Specify the number of data itemsprocessed by a single Process Function.Obtain the maximum number of inputand output files for each type of ProcessFunction, and specify a value greaterthan that.The following describes how to obtainthe maximum number of input andoutput files for each type of ProcessFunction:

- For data filtering ProcessFunctions: The number of filters+1

For Process Functions other than theabove: Preceding Process Functions +1


1 to 10000 (Units: Data items per ProcessFunction)

Default value: 100

Yes -

ESTIMATE.databox

Specify the total number of DataBoxes.

Specify a value greater than the valueobtain by adding the following value tothe number of Process Functions:

- Number of DataBoxes that willstore files with the data storecommand (ifirstor command)Refer to the Command Referencefor information on the data storecommand (ifirstor command).


Specify a number for this key.1 to 200000 (Units: Number ofDataBoxes)Default value: 5000

Yes -

ESTIMATE.prc_multi

Specify the maximum number ofprocesses that can executesimultaneously.Specify a value that is at least as largeas the value specified for the"procexecnum" item in the operatingenvironment file.

Specify a number for this key.1 to 20Default value: 20

Yes

DBMS.name

This is the database system name forSymfoware Server.

Specify the system name (such as"ifirdb") specified by the"RDBNAME" environment variable.

Refer to "3.2.4 Setting Up EnvironmentVariables" for information on how to

- No -

- 53 -



file

set up the RDBNAME environmentvariable.

DBMS.resource

This is the resource type for thedatabase.


raw: The management area is to be createdin a raw device.

file: When the management area is to becreated in the file system.

No -

DBMS.dictionary

Specify the area for creatingdictionaries for Symfoware Serverwhen the management area is to becreated in a raw device. Do not specifyif the management area is to be createdin the file system (delete the relevantline).

Specify a raw device. Yes -

DBMS.user_control

Specify the area for creatingdictionaries and files for SymfowareServer when the management area is tobe created in a raw device. Do notspecify if the management area is to becreated in the file system (delete therelevant line).

Specify the absolute path to the directory,using no more than 128 characters (bytes).Create this directory beforehand.

Yes -

DBMS.log1

Specify the area for creating temporarylog files for Symfoware Server whenthe management area is to be created ina raw device. Do not specify if themanagement area is to be created in thefile system (delete the relevant line).


PRC.db_space

Specify the area required to storemanagement information for processeswhen the management area is to becreated in a raw device. Do not specifyif the management area is to be createdin the file system (delete the relevantline).


FUNC.db_space

Specify the area required to manageProcess Functions when themanagement area is to be created in araw device. Do not specify if themanagement area is to be created in thefile system (delete the relevant line).


STK.db_space

Specify the area required to storemanagement information for data whenthe management area is to be created ina raw device. Do not specify if themanagement area is to be created in thefile system (delete the relevant line).


- 54 -



file

DBMS.dir

When the management area is to becreated in the file system, specify thedirectory where the management areais to be created.

Do not specify when the managementarea is to be created in a raw device.

Specify directory name using an absolutepath within 128 characters (bytes). Createthe directory beforehand.

Yes -

Note: For cluster operations, some resources need to be placed on the shared disk. Refer to "10.3 Disk Allocation for OperationResources" for details.

4.2.2.4 Specification Example for the Tuning Parameter FileSpecification examples for the tuning parameter file are shown below.

- For Windows


#

# $CATEGORY.$key=($value)

#

# $CATEGORY: CATEGORY (in uppercase)

# $key : keyName (in lowercase)

# $value : specifiedValue

SYSTEM.os=win

SYSTEM.output_dir=Z:\IIIDB\OUTPUT

ESTIMATE.retent_period=31

ESTIMATE.data_retent_period=31

ESTIMATE.prc_in_day=1000

ESTIMATE.func_in_day=5000

ESTIMATE.indtran_in_day=1000

ESTIMATE.data_in_day=5000

ESTIMATE.bundle_data=100

ESTIMATE.databox=5000

ESTIMATE.prc_multi=20

DBMS.name=ifirdb

DBMS.resource=file

DBMS.dir=Z:\IIIDB\DIR

- For Solaris (when the management area is to be created in a raw device)


#


#

SYSTEM.os=unix

SYSTEM.output_dir=/IIIDB/OUTPUT



- 55 -








DBMS.name=ifirdb

DBMS.resource=raw

DBMS.dictionary=/dev/rdsk/cXtXdXs1

DBMS.user_control=/IIIDB/RDBDIR

DBMS.log1=/dev/rdsk/cXtXdXs4

PRC.db_space=/dev/rdsk/cXtXdXs5

FUNC.db_space=/dev/rdsk/cXtXdXs6

STK.db_space=/dev/rdsk/cXtXdXs7

- For Linux (when the management area is to be created in a raw device)

#


#




SYSTEM.os=unix











DBMS.name=ifirdb

DBMS.resource=raw

DBMS.dictionary=/dev/raw/rawX1

DBMS.user_control=/IIIDB/RDBDIR

DBMS.log1=/dev/raw/rawX3

PRC.db_space=/dev/raw/rawX4

FUNC.db_space=/dev/raw/rawX5

STK.db_space=/dev/raw/rawX6

-

- 56 -

- For Linux (when the management area is to be created in the file system)

#


#




SYSTEM.os=unix











DBMS.name=ifirdb

DBMS.resource=file

DBMS.dir=/IIIDB/DBMSDIR

4.2.3 Creating ScriptsExecute the ifimks command to have the Information Integrator Server estimate the size of the management area based on the values inthe tuning parameter file and create scripts for creating a management area.Once you have defined the tuning parameter file, execute the ifimks command specifying the tuning parameter file.

- For Windows

In the following example, the tuning parameter file has been placed in an arbitrary directory (in this case "C:\III"):

- Estimation execution example

ifimks -m CAL -f C:\III\ifimksdef.ini

- Estimation output example

C:\>ifimks -m CAL -f C:\III\ifimksdef.ini

DBMS.dictionary=(Z:\IIIDB\DIR\RDBDIC)#40M

DBMS.user_control=(Z:\IIIDB\DIR\RDBDIR)#40M

DBMS.log1=(Z:\IIIDB\DIR\RDBLOG)#940M

FUNC.db_space=(Z:\IIIDB\DIR\FUNC)#4566M

STK.db_space=(Z:\IIIDB\DIR\STK)#946M

PRC.db_space=(Z:\IIIDB\DIR\PROC)#378M

### ifimks has done.

- 57 -

The folder specified for "DBMS.dir" must have at least as much capacity as the total of the sizes displayed.

- Example of executing script creation

ifimks -m CRT -f C:\III\ifimksdef.ini

The scripts for creating a management area will be output to the folder specified by "SYSTEM.output_dir".

- For UNIX

In the following example, the tuning parameter file has been placed in an arbitrary directory (in this case "/III"):

- Estimation execution example

/opt/FJSVifisv/bin/ifimks -m CAL -f /III/ifimksdef.ini

- Estimation output example

# /opt/FJSVifisv/bin/ifimks -m CAL -f /III/ifimksdef.ini

DBMS.dictionary=(/dev/rdsk/c0t0d0s1)#40M

DBMS.user_control=(/IIIDB/RDBDIR)#40M

DBMS.log1=(/dev/rdsk/c0t0d0s4)#940M

FUNC.db_space=(/dev/rdsk/c0t0d0s6)#4566M

STK.db_space=(/dev/rdsk/c0t0d0s7)#946M

PRC.db_space=(/dev/rdsk/c0t0d0s5)#378M

### ifimks has done.

When the management area is to be created in the file system, a volume greater than the total size displayed is required in thedirectory specified in "DBMS.dir".

- Example of executing script creation

/opt/FJSVifisv/bin/ifimks -m CRT -f /III/ifimksdef.ini

The scripts for creating a management area will be output to the directory specified by "SYSTEM.output_dir".

If the ifimks command terminates abnormally, correct the error and then re-execute the command.

Refer to the Command Reference for information on the ifimks command. Refer to "A.1 Correcting Errors with the ifimks Command"for information on how to correct errors when the ifimks command terminates abnormally,

Note

If the value of "DBMS.log1" is 32 GB or more when estimation is executed using the ifimks command, review the values specified forthe following keys in the tuning parameter file so that the result of the estimation is no more than 31 GB:

- ESTIMATE.bundle_data

- ESTIMATE.prc_multi

- 58 -

Scripts that are generated

When the ifimks command is executed, the following scripts are output so that the management area can be created. Use these scripts toset up the Information Integrator Server.

Table 4.12 List of script files that are generated (Windows)

Directory File name Content

Output directory

(*1)

ifirdbsetup.bat Batch file for creating an RDB dictionaryenvironment

ifirdbdel.bat Batch file for deleting an RDB dictionaryenvironment

ifi_createrdb00.bat Batch file for creating a work database

ifi_droprdb00.bat Batch file for deleting a work database

ifi_grantrdb00.bat Batch file for granting access rights to the workdatabase (this is executed from another batch file)

buffer ifi_createbuf00.bat Batch file for creating a shared buffer

ifi_deletebuf00.bat Batch file for deleting a shared buffer

Env RDBsystemName.cfg (*2) RDB configuration parameter file

fssqlenv Operating environment file for the RDB system

rdbbuf Shared buffer definition file

sql _ifi_createdb00.sql DDL for database and database space definitions

_ifi_createtbl00.sql DDL for table, DSO and DSI definitions

_ifi_droprdb00.sql DDL for database, database space, table, DSO andDSI definitions

_ifi_grant00.sql Definition file for granting access rights

*1: Scripts are output to the folder specified for the "SYSTEM.output_dir" key in the tuning parameter file.

*2: The RDB system name specified for the "DBMS.name" key in the tuning parameter file

Table 4.13 List of script files that are generated (UNIX)


Output directory

(*1)

ifirdbsetup.sh Shell script for creating an RDB dictionaryenvironment

ifirdbdel.sh Shell script for deleting an RDB dictionaryenvironment

ifi_createrdb00.sh Shell script for creating a work database

ifi_droprdb00.sh Shell script for deleting a work database

ifi_grantrdb00.sh Shell script for granting access rights to the workdatabase (this is executed from another shell script)

buffer ifi_createbuf00.sh Shell script for creating a shared buffer

ifi_deletebuf00.sh Shell script for deleting a shared buffer

env RDBsystemName.cfg (*2) RDB configuration parameter file

fssqlenv Operating environment file for the RDB system

rdbbuf Shared buffer definition file

sql _ifi_createdb00.sql DDL for database and database space definitions

_ifi_createtbl00.sql DDL for table, DSO and DSI definitions

- 59 -


_ifi_droprdb00.sql DDL for database, database space, table, DSO andDSI definitions

_ifi_grant00.sql Definition file for granting access rights

*1: Scripts are output to the folder specified for the "SYSTEM.output_dir" key in the tuning parameter file.

*2: The RDB system name specified for the "DBMS.name" key in the tuning parameter file

Copying scripts

Of the script files output by the ifimks command, be sure to copy the following files to the "Copy destination" in the following table:

Table 4.14 Where to place scripts (Windows)

Directory File name Copy destination Content

env RDBsystemName.cfg InformationIntegratorServerInstallDirectory\SFWETC\RDB\ETC (*1)

RDB configurationparameter file

buffer ifi_createbuf00.bat InformationIntegratorServerInstallDirectory\etc (*2)

Batch file for creating ashared buffer

ifi_deletebuf00.bat Batch file for deleting ashared buffer

*1: To use a version of Symfoware Server that has been purchased separately rather than the version of Symfoware Server that camebundled with Information Integrator, copy this script file to "symfowareServer InstallDir\SFWETC\RDB\ETC".

*2: For cluster operations, copy this file to "informationIntegratorOperationResourcesDir/etc".Refer to "10.3 Disk Allocation for Operation Resources" for information on disk allocation during cluster operations.

Table 4.15 Where to place scripts (UNIX)

Directory File name Copy destination Content

env RDBsystemName.cfg - For Solaris

/opt/FSUNrdb2b/etc

- For Linux

/opt/FJSVrdb2b/etc

RDB configurationparameter file

buffer ifi_createbuf00.sh /opt/FJSVifisv/etc Shell script for creating ashared buffer

ifi_deletebuf00.sh Shell script for deleting ashared buffer

4.2.4 Creating a Management AreaUse the following procedure to create a management area for the Information Integrator Server:

4.2.4.1 Creating an RDB DictionaryUse the procedure below to create an RDB dictionary.

For Windows

1. Move the current directory to the output directory specified for the "SYSTEM.output_dir" key.

- 60 -

2. Create an RDB dictionary by executing the batch file for creating an RDB dictionary environment (one of the scripts generated bythe ifimks command):

cmd /c .\ifirdbsetup.bat

Information

If the batch file terminates abnormally, follow the procedure described in "A.2 Correcting Errors with Creating a Management Area" andthen re-execute the batch file.

For UNIX


2. Create an RDB dictionary by executing the following file (the shell script for creating an RDB dictionary environment) generatedby the ifimks command:

./ifirdbsetup.sh

Information

If the shell script terminates abnormally, follow the procedure described in "A.2 Correcting Errors with Creating a Management Area"and then re-execute the shell script.

4.2.4.2 Registering the RDB System [Windows Only]For Windows, use the following procedure to register the service using the database system setup GUI. This procedure is not necessaryfor UNIX:

1. Move the current directory to "InformationIntegratorServerInstallDirectory\bin".

2. Execute the following startup batch file:

cmd /c .\ifidbsysset.bat

See

If Symfoware Server has been purchased separately

To use a version of Symfoware Server that has been purchased separately rather than the version of Symfoware Server that camebundled with Information Integrator, perform the setup by referring to the Symfoware Server manual.

3. Select the RDB system name, and click Register.

4. For Data storage location, enter "TuningParameterFileDBMS.dirDir \RDBDIR", and then click OK.

5. A confirmation message will be output, click Yes.

Messages about the modification of the value of configuration parameters will be output, click No.

6. The next window will be displayed. Click Skip.

A dialog box for requesting dictionary creation will be output, click OK to continue.

7. The next window will be displayed. Remote databases are not supported, so click Cancel.

- 61 -

8. The registration is complete if the checkbox to the left of the RDB system name is selected. Click Close to close the database systemsetup GUI.

4.2.4.3 Starting Symfoware ServerStart Symfoware Server. Execute the startup command shown below.

- For Windows

rdbstart

Information

Starting from the GUI

Symfoware Server can also be started by selecting Start then Control Panel followed by Administrative Tools and then Services.

- For Solaris

/opt/FSUNrdb2b/bin/rdbstart

- For Linux

/opt/FJSVrdb2b/bin/rdbstart

See

If Symfoware Server fails to start, eliminate the cause of the error by referring to the message that has been output and "A.2 CorrectingErrors with Creating a Management Area", and then re-execute the command.

4.2.4.4 Creating a Work DatabaseUse the following procedure to create a work database:

For Windows


2. Create a work database by executing the batch file for creating a work database (one of the scripts generated by the ifimks command):

cmd /c .\ifi_createrdb00.bat

This completes the setup for the Information Integrator Server.

Start the Information Integrator Server to check that it operates normally. Refer to "8.1 Starting the Servers" for details.

See

If the batch file terminates abnormally, follow the procedure described in "A.2 Correcting Errors with Creating a Management Area" andthen re-execute the batch file.

- 62 -

For UNIX


2. Create a work database by executing the following file (the shell script for creating a work database) generated by the ifimkscommand:

./ifi_createrdb00.sh

This completes the setup for the Information Integrator Server.

Start the Information Integrator Server to check that it operates normally. Refer to "8.1 Starting the Servers" for details.

See

If the shell script terminates abnormally, follow the procedure described in "A.2 Correcting Errors with Creating a Management Area"and then re-execute the shell script.

- 63 -

Chapter 5 Registering the Definitions of Process FlowThis chapter explains the procedure for registering definitions of Process Flow that have been created.

Use the following procedure to register definitions of Process Flow.

Figure 5.1 Procedure for registering the definitions of Process Flow

Point

- When the Information Integrator Server and the III Agent are to be used in combination

The design information for Process Flows is created and managed in definitions on the Information Integrator Server. The definitionsused in the III Agent are created on the Information Integrator Server and then delivered to the III Agent. Therefore, the registrationof the definitions of Process Flow explains in this chapter is unnecessary in the III Agent server.

- 64 -

- Modifying and re-registering definitions of Process Flow that have already been registered

To re-register a design sheet by modifying any of the definitions included in a design sheet that has already been registered, first usethe Definition Management Client to obtain the definitions to be modified, and modify the design sheet and then register it again.

5.1 Registering the Definitions of Process FlowRegister the definitions of Process Flow that have been created. This section explains the procedure for registering the definitions ofProcess Flow.

5.1.1 Starting the Information Integrator ServerStart the server function on the Information Integrator Server that is required to register definitions of Process Flow. Even before theInformation Integrator Server is set up, you can start the server function that is required to register definitions of Process Flow. Refer to"8.1 Starting the Servers" for details.

5.1.2 Registering the definitions of Process FlowRefer to III Studio Help for Registering the definitions of Process Flow.

5.1.3 Stopping the Information Integrator ServerStop the Information Integrator Server.

Refer to the Command Reference for details on the ifistp command.

- For Windows

ifistp

- For UNIX

/opt/FJSVifisv/bin/ifistp

- 65 -

Chapter 6 Setting Up an Environment for Sending andReceiving Files

This chapter explains how to set up an environment for sending and receiving files when Information Integrator is connected to a destinationsystem.

Figure 6.1 Procedure for setting up an environment for sending and receiving files

6.1 When the Communication protocol(s) is TCP/IP or HISPDThis section explains how to set up an environment when TCP/IP or HISPD is used as the communication protocol(s).

- 66 -

6.1.1 Environment Setup when the Communication Protocol(s) is TCP/IP orHISPD

If TCP/IP or HISPD is used as the communication protocol(s), there is no need to install a Network product. For the TCP/IP environmentsettings (When the communication protocol is HISPD, the environmental setting of UDP/IP is included.), set up in the SERVICES(services) file the information required for the Information Integrator Server to run, and specify the IP address of the server in the HOSTS(hosts) file.

To use the Information Integrator Server, the port number of the Information Integrator Server must be entered in the SERVICES file inadvance. Similarly, the names of the local server and the connection destination server for sending and receiving files (for TCP/IPconnections) must be entered in the HOSTS file.

Customize the environment by referring to the locations and entry examples for the HOSTS file and the SERVICES file, shown below.

See

Refer to "3.2 Setting Up the System" for definition examples of the HOSTS file and the SERVICES file for the Information IntegratorServer.

6.1.2 Notes on Using FTP as the Communication Protocol(s)If the protocol for communicating with the destination system is FTP, the following values must be specified in the data source definitions.

Figure 6.2 When the communication protocol(s) is FTP

6.1.3 Notes on Using HTTP or HTTPS as the Communication Protocol(s)If the protocol for communicating with the destination system is HTTP or HTTPS, the following values must be specified in thecommunication path definitions. The following example uses DNS to resolve names.

When HTTPS is used, it is necessary to set the SSL environment separately.

- Connections between Information Integrator and Linkexpress

- Connections where the startup system is Information Integrator and the responder (system) is an HTTP server

Connections between Information Integrator and Linkexpress

For the responder (system), specify the port number for HTTP protocol communications in the SERVICES file.For the startup system, specify the port number for HTTP protocol communications for the responder (system).

- 67 -

Figure 6.3 Connections between Information Integrator and Linkexpress

- The recommended port number specified by the ifitrnh service that Information Integrator uses for the HTTP protocol is 9465.Similarly, the recommended port number specified for the lnkexph service that Linkexpress uses for the protocol is 9365.

- If port numbers are replaced using the reverse proxy feature of the proxy server, specify the port number of the proxy server in thedefinitions for the startup system. Normally, this number is 80.

Connections where the startup system is Information Integrator and the responder (system) is an HTTPserver

For Information Integrator on the startup system, specify the port number of the HTTP server for the port number in the data sourcedefinitions. Normally, this number is 80.

- 68 -

Figure 6.4 Connections where the startup system is Information Integrator and the responder (system) is an HTTPserver

6.1.4 Notes on Using HISPD as the Communication Protocol(s)If the protocol for communicating with the destination system is HISPD, the following values must be specified in the data sourcedefinitions.

Figure 6.5 When the communication protocol(s) is HISPD

- The recommended port number specified by the service that Information Integrator uses for the HISPD protocol is the following.

- ifitrnsc: 9467

- ifitrnhspd: 9468

- The value of ifitrnsc of the remote system is specified for "Port Number" of the data source definition. Moreover, a value unique ineach remote system is specified for "Initiator Control Port Number".

- 69 -

6.2 When the Communication Protocol(s) is HULFTThis section explains how to set up an environment when HULFT is used as the communication protocol(s).

6.2.1 Support RangeTo use the HULFT linkage feature, the following products must be installed beforehand.

- For Windows or Solaris

HULFT5 or higher

- For Linux

HULFT6 or higher

6.2.2 Registering the HULFT Linkage Job ModuleTo use HULFT as a data collection/delivery product, a HULFT linkage job is required. Register a HULFT linkage job with HULFTaccording to the linkage method. The following diagram shows the correspondence between linkage methods and HULFT linkage jobs.

Figure 6.6 Functional overview of HULFT linkage jobs

Note: The numbers in the diagram correspond to the numbers shown in the table below ("Linkage methods and settings for HULFTlinkage job startup information").

Storage location for the HULFT linkage job

Use the script stored at the following location.

- For Windows

- 70 -

<Information Integrator installation directory>\sample\hulftjob

- For Solaris or Linux

/opt/FJSVifisv/sample/hulftjob

How to register HULFT linkage jobs

This section explains how to register HULFT linkage jobs. Whether a HULFT linkage job is used and the type of HULFT linkage jobused vary depending on the linkage method.

The following table shows the linkage methods and the settings for HULFT linkage job startup information.

Table 6.1 Linkage methods and settings for HULFT linkage job startup information

ItemNo.

Linkage method Settings in the HULFT management window

Transfertype

Operation type(specified by III

Studio)

HULFT linkage job set by thejob startup information

Script file name (*1) Job ID settings for thereception/transmission

management information

(1) Receiving Startup Job after receiving files(actively)

req_rcvfile.XXX Register the job as a normaljob in the receptionmanagement information.Specify "normal jobcompletion" for the receptioncompletion notification in thereception managementinformation.

(2) Reply Job after receiving files(passively)

ind_rcvfile.XXX Register the job as a normaljob in the receptionmanagement information.Specify "normal jobcompletion" for the receptioncompletion notification in thereception managementinformation.

(3) Sending Startup No registration is required. - No registration is required.

(4) Reply Job before sending files(passively)

ind_sndfile_before.XXX Register the job as a pre-transmission job in thetransmission managementinformation

Job in normal state aftersending files (passively)

ind_sndfile_afterN.XXX Register the job as a normaljob in the transmissionmanagement information.

Job in abnormal state aftersending files (passively)

ind_sndfile_afterE.XXX Register the job as anabnormal job in thetransmission managementinformation.

*1: The "XXX" extension represents "bat" for Windows and "sh" for UNIX.

For those linkage methods that require that a HULFT linkage job be registered, register the job using the following procedure.

1. Use the job startup information in the HULFT management window to register the absolute path to the script for the HULFT linkagejob.

- 71 -

2. Use the reception/transmission management information in the HULFT management window to specify the HULFT file ID as thejob ID specified in the job startup information. Note that the HULFT file ID corresponds to the path ID to be used (specified by"path ID" in the data source definitions).

Note

If the reception/transmission type is "receiving", use the reception management information in the HULFT management window to specify"normal job completion" for the reception completion notification for the target file ID.

6.2.3 User Permissions for Using HULFTTo use an instance of HULFT that has been started using permissions other than the Information Integrator privileged user for the datacollection/delivery product, the permissions for HULFT and the permissions for the Information Integrator privileged user must be madethe same.

For file transfer that uses HULFT, the parent directory for the reception file that is registered in the reception management informationfor HULFT must be set up so that the permissions for the Information Integrator privileged user allow that user to read from and write tothat directory.

6.2.4 Notes on SetupThis section presents notes on setup when HULFT is used as the communication protocol(s).

- To use the HULFT linkage transmission function, the transmission command dynamic parameter specification ("dynparam") must beset to "1" (enabled) in the system operating environment file for HULFT ("hulenv"). Note also that dynamic parameter specificationcan also be performed from the management window with HULFT6.

The system operating environment file for HULFT is the following file. Refer to the HULFT manual for details on how to set up thefile.

- For Windows: hulenv

- For UNIX: hulenv.conf

- As the execution environment for sending and receiving files, specify a directory under the HULFT installation directory for the"PATH" environment variable.

- For Windows: binnt

- For UNIX: bin

- For the utility response timeout in the system operating environment file for HULFT, specify a value that is longer than the timerequired for HULFT to send and receive files.

- Specify "K: Save" for the handling of sent files in the HULFT transmission management information.

- To execute concurrent (active) file transmissions using the same file ID, specify the following values for the reception managementinformation for the system that (passively) sends the files.

- Specify "Yes" for generation management

- Specify "New Create" for the registration mode

- If the cancel command (ififcncl) is requested while multiple transmissions are executing concurrently with the same file ID, all of theservices that are executing will be canceled.

- To use the transmission/reception function for HULFT linkage, the file name must be registered in the HULFT management window(the transmission/reception management information) by specifying the absolute path to the file.

- Specify "normal job completion" for the reception completion notification in the reception management information for HULFT.

- If (active) file transmission is executed with a local file for the DataBox, an error will occur if an existing file is specified for thetransmission file name in the HULFT transmission management information. Specify a new file with a valid file path.

- 72 -

- For Linux, HULFT is supported if the operating system character encoding for Information Integrator is UTF-8 and the characterencoding for the HULFT management window is either EUC or SJIS. When transmission or reception linked to Information Integratoris performed from the HULFT management window, the messages output by Information Integrator may be garbled, but this does notaffect operations. Refer to the messages output to the system log for the processing results of Information Integrator.

-

- 73 -

Chapter 7 Setting Up the Operation ManagementEnvironment

This chapter explains how to set up the Operation Management Web Server and customize the Operation Management Client, as shownbelow.

Use the following procedure to set up the operation management environment.

Figure 7.1 Procedure for setting up the operation management environment

7.1 Notes on SecurityThis section presents notes on using the Operation Management Client in systems that emphasize security.

- 74 -

7.1.1 Placing the Web ServerThis section explains how to place and operate servers when the Operation Management Client is used.

- Place the Information Integrator Server and the Web server on the intranet, and specify settings for the connection with the internetzone so that unnecessary protocols are not allowed to pass through. (Allow only the HTTP protocol to pass through, for example.)

- Install a firewall and proxy server to separate the DMZ and the intranet zone from the Internet zone. Also, implement access controlbased on addresses, port numbers, communications protocols, and so on. It is recommended that a Reverse Proxy feature be used toconceal the private addresses within the intranet (the real names of Web servers).

- Apply security patches to the Web servers at regular intervals.

7.1.2 Setting Up the Web ServerThis section explains operations regarding logging in to the Web server and setting up access rights.

- It is recommended that Web server authentication be set up to prohibit anonymous access for logging in to the Web server from aWeb browser.

- It is also recommended that only the following permissions be granted for the virtual directory.

- Log access permissions

- Read permissions

- Execution access permissions

The virtual directories for each operating system are as follows:

- For Windows: InformationIntegratorServerInstallDirectory/guibin/gui-root

- For UNIX: /opt/FJSVifisv/guibin/gui-root

- It is recommended that "80" be used as the port number for the Web server in order to allow port monitoring at the network level.

7.1.3 Managing the PasswordThe password for the execution user that is specified when logging in to the Operation Management Client is authenticated using the basicauthentication method for the operating system. It is recommended that a password that is difficult to guess be set up by combining atleast eight alphanumeric characters (A to Z, a to z, 0 to 9) and symbols.

It is also recommended that the password be changed periodically according to the security policy for the system.

7.1.4 Measures for Preventing Data Leaks and MasqueradingData leaks and masquerading can be prevented by encrypting communications between browsers and the Web server and by usingelectronic signatures. If necessary, use an SSL connection between browsers and the Web server.

7.1.5 DoS CountermeasuresIt is recommended that a packet filtering feature be used with the Web server or firewall in order to prevent system abnormalities resultingfrom denial of service (DoS) attacks from over the network.

7.1.6 Auditing and MonitoringIt is recommended that access logs or system logs for the Web server be collected to enable early detection of any security infringements(such as system information leaks, data falsification or program damage).

- 75 -

Chapter 8 Starting and Stopping the SystemThis chapter explains how to start and stop the Information Integrator Server.

Use the following procedure to start the Information Integrator Server:

Figure 8.1 Setup procedure for starting the Information Integrator Server

8.1 Starting the ServersOnce the setup is complete, start the servers that make up Information Integrator in order.

Start the Information Integrator Server

Use the following command to start the Information Integrator Server:

- 76 -

- Starting the server for the first time, or starting the server by initializing the processing status in which the server stopped last time

- For Windows

ifistr -m c

- For UNIX

/opt/FJSVifisv/bin/ifistr -m c

Use this command to check operations when the environment for the Information Integrator Server has been set up or after simplesetup.

- Starting the server with the same processing status as the last time the server was stopped

- For Windows

ifistr

- For UNIX

/opt/FJSVifisv/bin/ifistr

Note

- Symfoware Server must be running before the Information Integrator Server is started. If the setup has been performed in accordancewith this manual, 4.2.4.3 Starting Symfoware Server will have been completed during the procedure for creating the managementarea, and so there is no need to start Symfoware Server in this case.

- To execute commands and batch files in Windows Server 2008, first grant the user admin rights. Select Run as administrator whenopening the command prompt. Refer to the Windows Help and Support Center for information on how to run commands as anadministrator.

See

Refer to the Command Reference for information on the ifistr command.

Point

Refer to "8.3 Automatically Starting and Stopping the Information Integrator Server (UNIX)" for UNIX when the Information IntegratorServer is to be automatically started and stopped when the system is started or stopped.

Start the Web server

Start the Web server by referring to the appropriate Web server manuals being used (such as IIS or Interstage Application Server).

8.2 Stopping the ServersOnce the operation has finished, stop the servers that make up Information Integrator in order.

Stop the Web server

Stop the Web server by referring to the appropriate Web server manuals being used (such as IIS or Interstage Application Server).

- 77 -

Stop the Information Integrator Server

Use the following command to stop the Information Integrator Server:

- For Windows

ifistp

- For UNIX

/opt/FJSVifisv/bin/ifistp

See

Refer to the Command Reference for information on the ifistp command.

Point

- Stopping Symfoware

If necessary, stop Symfoware Server after the Information Integrator Server has stopped.

Use the following command to stop Symfoware Server:

- For Windows

rdbstop

- For Solaris

/opt/FSUNrdb2b/bin/rdbstop

- For Linux

/opt/FJSVrdb2b/bin/rdbstop

- Automatic stopping of the Information Integrator Server

Refer to "8.3 Automatically Starting and Stopping the Information Integrator Server (UNIX)" for UNIX when the InformationIntegrator Server is to be automatically started and stopped when the system is started or stopped.

8.3 Automatically Starting and Stopping the Information IntegratorServer (UNIX)

The following describes the procedure when the Information Integrator Server is to be automatically started and stopped when the systemis started or stopped.

This procedure must be executed as the superuser.

1. Customizing scripts

Customize the scripts based on the samples and place them in the correct location.

- Sample script storage location

/opt/FJSVifisv/sample/rcscript_FJSVifisv

- Deployment directory

- 78 -

/opt/FJSVifisv/lib/rcscript_FJSVifisv

Deployment example:

cp -p /opt/FJSVifisv/sample/rcscript_FJSVifisv /opt/FJSVifisv/lib

- Content to customize

- When using Solaris 10, delete the "#" at the beginning of "/usr/bin/newtask -p system -c $$"

Before:

##------ newtask add ------

#/usr/bin/newtask -p system -c $$

After:

##------ newtask add ------

/usr/bin/newtask -p system -c $$

- Customizing environment variables

Refer to "3.2.4 Setting Up Environment Variables" for information on environment variables. Also configure the followingenvironment variables to suit the mode of the user:

Environment

variable nameSettings content

IFI_ID Use the default "00" as is.

HULPATH Specify the HULFT environment settings file storage directory. Refer to "6.2.4Notes on Setup" for information on the HULFT operating environment.

HULEXEP Specify the HULFT execution module storage directory. Refer to "6.2.4 Notes onSetup" for information on the HULFT operating environment.

- To stop and start Symfoware, delete the "#" in the following range of the script:

##------ Symfoware ---from---##------ Symfoware ---to---

- Delete the "#" in the following range when the Information Integrator Server is to be automatically started and stoppedwhen the system is started or stopped:

##------ Interstage Information Integrator ---from---##------ Interstage Information Integrator ---to---

Point

Customizing the mode of starting and stopping

The initial state of the script is that the Information Integrator Server maintains its state between stopping and starting again.Also, when it is stopped and the system is stopped, Process Flow and Process Function requests are aborted and forciblystopped.

Edit the indicated lines for starting and stopping as necessary.

Starting

To maintain the previous processing status when next started (initial setting)

/opt/$PRODUCT_KIND/bin/ifistr -m w 1>>$DEBUG 2>&1

- 79 -

To initialize the initial or previous processing status when next started

/opt/$PRODUCT_KIND/bin/ifistr -m c 1>>$DEBUG 2>&1

Stopping

When there are Process Flow or Process Function requests being executed, they are aborted and the stop is forced (initialsetting)

/opt/$PRODUCT_KIND/bin/ifistp -m f 1>>$DEBUG 2>&1

When there are Process Flow or Process Function requests being executed, they are first completed, and then stop isprocessed

/opt/$PRODUCT_KIND/bin/ifistp -m n 1>>$DEBUG 2>&1

2. Creating symbolic links

Create symbolic links in the correct directory. Symbolic link names are fixed.

- For Solaris

Link source customization file Symbolic link name

Forstarting

/opt/FJSVifisv/lib/rcscript_FJSVifisv /etc/rc2.d/Sa9ifisv

Forstopping

/opt/FJSVifisv/lib/rcscript_FJSVifisv /etc/rc0.d/K00ifisv

Example:ln -s /opt/FJSVifisv/lib/rcscript_FJSVifisv /etc/rc2.d/Sa9ifisvln -s /opt/FJSVifisv/lib/rcscript_FJSVifisv /etc/rc0.d/K00ifisv

- For Linux

Link source customization file Symbolic link name

/opt/FJSVifisv/lib/rcscript_FJSVifisv /etc/init.d/ifisv

Example:ln -s /opt/FJSVifisv/lib/rcscript_FJSVifisv /etc/init.d/ifisv

3. Registering scripts (for Linux only)

Register the script using the chkconfig command provided by the OS.

- Example of script registration

/sbin/chkconfig --add ifisv

- 80 -

Chapter 9 Changing the Setup InformationThis chapter explains how to change the information defined during setup after Information Integrator has started operating.

9.1 Changing the Information Integrator Server EnvironmentThis section explains how to change the Information Integrator Server environment in the following ways.

- Adding, changing and deleting users

- Changing the operating environment

- Changing the management area

9.1.1 Adding, Changing and Deleting UsersThis section explains how to add, change and delete the following users that use Information Integrator.

- Information Integrator privilege users that have already been registered

- Information Integrator operation users (the users that create, register or look up definitions)

- Information Integrator operation users (the users that operate Process Flow)

Privilege users and operation users (the users that create, register or look up definitions)

Edit the following keys in the operating environment file.

- admuser

- defuser

- defreaduser

Use the following procedure to add, change or delete users.

Figure 9.1 Procedure for adding, changing and deleting users

Refer to "4.1.1 Editing the Operating Environment File" for details on the operating environment file.

Refer to "Chapter 8 Starting and Stopping the System" for details on how to start and stop the Information Integrator Server.

- 81 -

Note

Before stopping or starting the Information Integrator Server, use the Operation Management Client to check the status of processes so asto perform these operations when the impact on business activities will be minimal.

Operation users (the users that operate Process Flow)

To operate Information Integrator by determining which users perform operations for each process group (by enabling "procgrp_userctl"in the operating environment file), the users that perform operations for each process group can be added, changed or deleted using theifiuserctl command (the user privilege manipulation command). Refer to the Command Reference for details.


9.1.2 Changing the Operating EnvironmentSometimes there is a need to change the operating environment for the server after operations commence, such as changing the executionconcurrency of processes, or the size of start stop logs, definition operations logs or Process Flow execution logs.In such cases, change the content of the definitions in the operating environment file.

Use the following procedure to change the operating environment.

Figure 9.2 Procedure for changing the operating environment


Refer to "Chapter 8 Starting and Stopping the System" for details on how to start and stop the Information Integrator Server.

Note

Before stopping or starting the Information Integrator Server, use the Operation Management Client to check the status of processes so asto perform these operations when the impact on business activities will be minimal.

9.2 Changing the Destination SystemOnce operations have commenced, it will be necessary to change the settings for the destination system if connection destination systems(collection source (system) and delivery destination (system)) are changed or added, or if the communication protocol(s) is changed.

Refer to "Chapter 6 Setting Up an Environment for Sending and Receiving Files" for details on the setting items for destination systemsand how to specify these settings.

- 82 -

Chapter 10 Setup for Cluster SystemsInformation Integrator can be operated on cluster systems. This chapter explains how to set up an environment required for InformationIntegrator to run on cluster systems and how to operate Information Integrator on cluster systems.

10.1 Overview of Cluster SystemsThis section explains the cluster systems where Information Integrator is running.

Supported cluster systems

Information Integrator runs on the following cluster systems:

- For Windows

- Microsoft Cluster Service (MSCS)

- Failover Cluster

- For UNIX

- PRIMECLUSTER (active/standby node configurations)

Support range

Information Integrator supports the following operation configurations as cluster standby operations:

- 1:1 active/standby

10.2 Cluster System ConfigurationsThe figure below shows the system configuration where Information Integrator is installed on a cluster system.

Note that Failover Cluster and MSCS do not have the concept of "active node" and "standby node", but hereafter the node where theresource group that contains the generic service resources for Information Integrator is active is referred to as "the active node", while thenode where that resource group is inactive is referred to as the "standby node".

Figure 10.1 System configuration for Failover Cluster

Shared disks

Use the shared disk to place operation resources for Information Integrator and the Information Integrator resources that have been placedwithin Symfoware Server.

- 83 -

Refer to "10.3 Disk Allocation for Operation Resources" for information on the operation resources that may need placing on the shareddisk.

Local disks

The local disk is the disk where Information Integrator has been installed.On the local disk, place only the RDB configuration parameter file for Symfoware Server that is used by Information Integrator.Refer to "10.3 Disk Allocation for Operation Resources" for details.

10.3 Disk Allocation for Operation ResourcesFor cluster operations, consider disk allocation for operation resources so that jobs can be inherited from the active node to the standbynode.

During installation, specify a shared disk as the location of the folder where Information Integrator operation resources are placed so thatthe resources that Information Integrator generates automatically will be placed on the shared disk.

The directories for the resources in the following table are specified by the user during setup. Take note of where these resources areplaced.

Table 10.1 Disks where each resource is placed

Setup tasks Resourcename

Details Localdisk

Shareddisk

CreatingProcess Flowdefinitions

Process Flowdefinition

(Definitionscreated usingIII Studio or adesign sheet)

Any directory ü

Editing theoperatingenvironmentfile

Operatingenvironmentfile

- For Windows

informationIntegratorOperationResourcesInstallDir\etc\ifireg.00.ini

- For UNIX

/opt/FJSVifisv/etc/ifireg.00.ini

ü (*1)

The area forstoring data thatis managedusinggenerations

Specified by the "stk_path" item in the operating environment file ü

The workdirectoryrequired forprocesses toexecute

Specified by the "workdir" item in the operating environment file ü

The directory tobe monitored ineventmonitoring(when adirectory ismonitored)

Specify with "monitordir" in the operating environment file ü

Editing theadapterdefinition file

Adapterdefinition file

- For Windows

Information Integrator operation resources directory (\etc\ifiadpt.ini) specifiedduring installation

ü (*1)

- 84 -

Setup tasks Resourcename

Details Localdisk

Shareddisk

- For UNIX

/opt/FJSVifisv/etc/ifiadpt.ini

Editing thetuningparameter file

Tuningparameter file

Any directory ü

Output folderfor the scriptfile for creatinga managementarea

Specified by the "SYSTEM.output_dir" item in the tuning parameter file ü

Area forcreating theresourcesassociated withthe database

- For Windows

Specified by the "DBMS.dir" item in the tuning parameter file

- For UNIX

Specified by the following keys in the tuning parameter file:

- DBMS.dictionary

- DBMS.log1

- PRC.db_space

- FUNC.db_space

- STK.db_space

ü

- For UNIX

Specified by the following key in the tuning parameter file:

- DBMS.user_control

ü

Creatingscripts

RDBconfigurationparameter file

A file "RDBSystemName.cfg" generated by the ifimks commandü

Batch file forcreating ashared buffer

A batch file generated by the ifimks commandü (*1)

Batch file fordeleting ashared buffer

A batch file generated by the ifimks commandü (*1)

*1: For UNIX, these files are automatically placed on the shared disk when the Information Integrator resources are registered.

ü: Indicates the disk where the resource is placed.

10.4 Setup Procedure

10.4.1 Setup Procedure for WindowsThis section explains the procedure for setting up Information Integrator on Failover Cluster.

- New installation (1:1 active/standby)

Point

Equivalent cluster terminology

- 85 -

The explanation in this chapter is mainly focused on Failover Cluster.To use MSCS, replace the following terms with their equivalents as appropriate.

Table 10.2 Correspondence between cluster system names and feature names

Cluster system name Feature name

Failover Cluster Failover Cluster Management tool

MSCS Cluster Administrator

New installation (1:1 active/standby)

For 1:1 active/standby configurations, use the following procedure:

Figure 10.2 Procedure for setting up the cluster environment

- 86 -

1. Preparation

Allocate the resources for Information Integrator to run on the cluster system.

2. Install Information Integrator (active node)

Install Information Integrator on the active node.

3. Set up an environment for Information Integrator (active node)

Set up an environment for Information Integrator on the active node.

4. Install Information Integrator (standby node)

Install Information Integrator on the standby node.

5. Set up an environment for Information Integrator (standby node)

Set up an environment for Information Integrator on the standby node.

6. Register with Failover Cluster

Register Information Integrator with Failover Cluster.

7. Check that Information Integrator services run

Check that the Information Integrator services that have been registered with Failover Cluster can run.

10.4.1.1 PreparationBefore installing Information Integrator on Failover Cluster, allocate the resources listed below as an operating environment for FailoverCluster. Refer to the Failover Cluster manual for details.

- On the shared disk device, prepare the physical disks for storing Information Integrator operation resources and for storing the resourcesplaced within Symfoware Server that are used by Information Integrator.

- Prepare an IP address for Failover Cluster.

10.4.1.2 Installing Information IntegratorThe procedure for installing Information Integrator on Failover Cluster is slightly different from the normal installation procedure. Usethe following procedure to install Information Integrator on Failover Cluster:

- Active node

Install Information Integrator on the disk for the active node. Place the operation resources for Information Integrator on the shareddisk.

Note that it is necessary to enable the active node to write to the shared disk beforehand. Use the Failover Cluster Management toolto bring the physical disk resource online.

If the shared disk for the installation directory has not been registered as a resource with Failover Cluster, stop the standby node beforeperforming the installation.

- Standby node

Install Information Integrator on the disk for the standby node. Place the operation resources for Information Integrator on the samedrive and folder of the same shared disk as that for the active node.

Note that it is necessary to enable the standby node to write to the shared disk beforehand. Use the Failover Cluster Management toolto move the group and modify the physical disk resource online.

If the shared disk for the installation directory has not been registered as a resource with Failover Cluster, stop the active node beforeperforming the installation.

10.4.1.3 Setting up an Environment for Information IntegratorCustom environment settings are required to operate Information Integrator with Failover Cluster.Perform the following procedure:

- Tasks on the active node

- 87 -

- Tasks on the standby node

Tasks on the active node

1. Set up the system (the HOSTS and SERVICES files)

Set up the HOSTS file and the SERVICES file. Refer to "3.2 Setting Up the System" for details.

The figure below shows the relationship between the cluster IP address and the definition settings for Information Integrator, usinga 1:1 active/standby configuration as an example.In this example, the host name "nodeA" is using the cluster IP address "aaa.bbb.ccc.ddd". To connect to Information Integrator froma remote system, specify the host name for the Failover Cluster IP address ("nodeA").

Figure 10.3 Relationship between the cluster IP address and the definition settings for Information Integrator

2. Set up environment variables

Set up environment variables. Refer to "3.2.4 Setting Up Environment Variables" for details.

Also, set the "APSTPMODE" system environment variable to "f", so that Information Integrator will be stopped forcibly when itstops.

3. Edit the operating environment file

Use the active node to edit the operating environment file. This resource is placed on the shared disk, so this task only needs to beperformed on the active node. Refer to "4.1.1 Editing the Operating Environment File" for details.

4. Edit the adapter definition file

Use the active node to edit the adapter definition file. This resource is placed on the shared disk, so this task only needs to beperformed on the active node. Refer to "4.1.2 Editing the Adapter Definition File" for details.

5. Edit the tuning parameter file

Use the active node to edit the tuning parameter file. Refer to "4.2.2 Editing the Tuning Parameter File" for details.

- 88 -

6. Create scripts

Create scripts using the tuning parameter file. Refer to "4.2.3 Creating Scripts" for details.

7. Copy scripts

Copy the scripts that have been created to the specified directories. Refer to "4.2.3 Creating Scripts" for details.

Note

Take care when placing resources on disks

- The RDB configuration parameter file is placed on the local disks.

- The batch files for creating and deleting shared buffers are placed on the shared disk.

8. Create an RDB dictionary

Create an RDB dictionary by executing the appropriate batch file (one of the scripts). This resource is placed on the shared disk, sothis task only needs to be performed on the active node. Refer to "4.2.4.1 Creating an RDB Dictionary" for details.

9. Register the RDB system

Register the RDB system. Refer to "4.2.4.2 Registering the RDB System [Windows Only]" for details.

Note

In the RDB system setup for Symfoware Server, select MSCS and Active system.

10. Start Symfoware Server

Start Symfoware Server on the active node. Refer to "4.2.4.3 Starting Symfoware Server" for details.

11. Create a work database

Create a work database by executing the appropriate batch file (one of the scripts). This resource is placed on the shared disk, sothis task only needs to be performed on the active node. Refer to "4.2.4.4 Creating a Work Database" for details.

12. Set up the operation management environment

Set up the Web server and the Operation Management Client. Refer to "Chapter 7 Setting Up the Operation ManagementEnvironment" for details.

Tasks on the standby node




Set up environment variables. Set up the same environment variables as for the active node. Refer to "3.2.4 Setting Up EnvironmentVariables" for details.

Set the "APSTPMODE" system environment variable to "f", so that Information Integrator will be stopped forcibly when it stops.

3. Copy scripts


Note

The RDB configuration parameter file is placed on the local disks.

The batch files for creating and deleting shared buffers have already been handled as part of the tasks on the active node, so thereis no need to perform this work on the standby node.

- 89 -

4. Register an RDB system

Register the RDB system. Refer to "4.2.4.2 Registering the RDB System [Windows Only]" for details.



10.4.1.4 Registering with Failover ClusterRegister with Failover Cluster the resource groups required for Information Integrator to run. Use the Failover Cluster Management toolto create groups with the following resource configurations:

- Failover Cluster

- MSCS

Failover Cluster

Register the following resource groups:

- Physical disks

- Client access points

- Generic services (Information Integrator and other products)

- JDBC naming serviceTo use database linkage with Symfoware Server, register the JDBC naming service as a generic application. Refer to the FailoverCluster manual for details.

Specify the following items when registering resource groups:

- For the service name for Information Integrator, select "Interstage Information Integrator SV".

- The dependency relationships for the generic services should be as follows:

1. Physical disks

2. Client access points

3. Symfoware Server

4. Information Integrator

Execute the following command after registering the resource groups:

- Cluster Resource "Interstage Information Integrator SV" /priv StartupParameters=""

MSCS

Register the following resource groups:

- Physical disks

- IP addresses

- Network names

- Generic services (Information Integrator and other products)

- 90 -

- JDBC naming serviceTo use database linkage with Symfoware Server, register the JDBC naming service as a generic application. Refer to the MSCS manualfor details.

Specify the following items when registering resource groups:

- Specify IP addresses for the dependency relationships for network names.

- For the service name for Information Integrator, specify "Interstage Information Integrator SV".

- The dependency relationships for the generic services should be as follows:

1. Symfoware Server

2. Information Integrator

10.4.1.5 Checking that Information Integrator Services Can RunUse the Failover Cluster Management tool to bring the resource group (containing the generic service resources for Information Integrator)online, and check whether Information Integrator has started normally.

10.4.2 Setup Procedure for UNIXThis section explains the procedure for setting up Information Integrator on PRIMECLUSTER.

- New installation (1:1 active/standby)

New installation (1:1 active/standby)

For 1:1 active/standby configurations, use the following procedure:

- 91 -

Figure 10.4 Procedure for setting up the cluster environment

1. Preparation

Allocate the resources for Information Integrator to run on the cluster system.

2. Install Information Integrator (active node)

Install Information Integrator on the active node.

- 92 -

3. Set up an environment for Information Integrator (active node)

Set up an environment for Information Integrator on the active node.

4. Install Information Integrator (secondary node)

Install Information Integrator on the secondary node.

5. Set up an environment for Information Integrator (standby node)

Set up an environment for Information Integrator on the standby node.

6. Sharing

Prepare Information Integrator to run as a cluster system by sharing the environment and definitions created above between theactive node and the standby node.

7. Register Information Integrator resources

Set up environment variables in the state transition procedure.

8. Create cluster resources

Create the database and other product resources as resources managed by PRIMECLUSTER.

9. Create user applications

Create a user application to link the resources that have been created.

10.4.2.1 PreparationBefore installing Information Integrator on the cluster system, secure the resources listed below as an operating environment for the clustersystem. Refer to the PRIMECLUSTER manual for details.

- On the shared disk device, prepare the physical disks for storing Information Integrator operation resources and for storing the resourcesplaced within Symfoware Server that are used by Information Integrator.

- Prepare IP addresses for the cluster system.

10.4.2.2 Installing Information IntegratorThe procedure for installing Information Integrator on a cluster system is slightly different from the normal installation procedure. Usethe following procedure to install Information Integrator on the cluster system:

- Install Information Integrator on the active node and the standby node.

- Specify the same installation directory for all nodes.

- Set up the installation directory on a local disk.

- Be sure to use the same group ID when installing Information Integrator on the active node and the standby node.

Take particular care that the group ID (numeric value) is the same, however the group name such as "sys" or "iii" can be different.

If Information Integrator is installed on the active node and the standby node using different group IDs, there is a risk that it may notbe possible to execute jobs after the cluster fails over.For this reason, think carefully about which group ID to use before starting the installation. Check that the same group ID has beenallocated to both the active node and the standby node, or add an identical group ID if necessary, and then start the installation.

10.4.2.3 Setting up an Environment for Information IntegratorCustom environment settings are required to operate Information Integrator with Failover Cluster.Perform the following procedure:

- Tasks on the active node

- Tasks on the standby node

- 93 -

Tasks on the active node



The figure below shows the relationship between the failover cluster IP address and the definition settings for Information Integrator,using a 1:1 active/standby configuration as an example.In this example, the host name "nodeA" is using the failover cluster IP address "aaa.bbb.ccc.ddd". To connect to InformationIntegrator from a remote system, specify the host name for the Failover Cluster IP address ("nodeA").

Figure 10.5 Relationship between the failover cluster IP address and the definition settings for InformationIntegrator

2. Set up system parameters

Set up system parameters. Refer to "3.2.3 Setting Up System Parameters [UNIX Only]" for information on the setup method.


Set up environment variables. Refer to "3.2.4 Setting Up Environment Variables" for details.

4. Edit the operating environment file

Use the active node to edit the operating environment file. This resource is placed on the shared disk, so this task only needs to beperformed on the active node. Refer to "4.1.1 Editing the Operating Environment File" and "10.3 Disk Allocation for OperationResources" for details.

Note

Specifications in the operating environment file

- Be sure to specify the "workdir" item. Specify a directory on the shared disk.

- 94 -

- For "systemname", specify the host name corresponding to the takeover IP address.

- The "stk_path" must be specified. Specify a directory on the shared disk.

- When using event monitoring (when a directory is monitored), specify a directory on the shared disk in "monitordir".

5. Editing the adapter definition file

Use the active node to edit the adapter definition file in the active node. This resource is placed on the shared disk, so this task onlyneeds to be performed on the active node. Refer to "4.1.2 Editing the Adapter Definition File" and "10.3 Disk Allocation for OperationResources" for details.

6. Edit the tuning parameter file

Use the active node to edit the tuning parameter file. Refer to "4.2.2 Editing the Tuning Parameter File" and "10.3 Disk Allocationfor Operation Resources" for details.

7. Create scripts

Create scripts using the tuning parameter file. Refer to "4.2.3 Creating Scripts" for details.

8. Edit scripts

a. Editing the RDB configuration parameter file ("RDBSystemName.cfg")

Edit the following parameters:

- Parameters associated with the RDB directory space

Set "RDBDIRSPACE= rawDeviceNameOnTheSharedDiskDevice (for the directory creation area for SymfowareServer)", and delete both RDBDIRSPACE1 and RDBDIRSPACE2.

- Location for placing log management files (RDBLOGMANAGE)

Specify the name of the raw device that was specified for "DBMS.log1" in the tuning parameter file.

Modification example

- Before:

RDBDIRSPACE1=/IIIDB/RDBDIR/dirRDBDIRSPACE2=/IIIDB/RDBDIR/dir..........RDBLOGMANAGE=/IIIDB/RDBDIR..........

- After:

RDBDIRSPACE=/dev/rdsk/cXtXdXs3..........RDBLOGMANAGE=/dev/rdsk/cXtXdXs4..........

b. Editing the "ifirdbsetup.sh" shell script for creating an RDB dictionary environment (for Linux only)

Delete the following section from the shell script for creating an RDB dictionary environment (ifirdbsetup.sh):

if [ ! -L "$DICDEV" ]

then

echo ERROR:The device is not raw device for dictionary file. 1>&2

exit 1

fi

if [ ! -L "$LOGDEV" ]

- 95 -

then

echo ERROR:The device is not raw device for temporary log file. 1>&2

exit 1

fi

c. Editing the "ifi_createrdb00.sh" shell script for creating a work database (for Linux only)

Delete the following section from the shell script for creating a work database (ifi_createrdb00.sh):

if [ ! -L "${REQDIR}" ]

then

echo ERROR:The device is not raw device for iap dbspace. 1>&2

exit 1

fi

if [ ! -L "${RSMDIR}" ]

then

echo ERROR:The device is not raw device for stk dbspace. 1>&2

exit 1

fi

if [ ! -L "${ACTSVCDIR}" ]

then

echo ERROR:The device is not raw device for act dbspace. 1>&2

exit 1

fi

9. Copy scripts


Note

Take care when placing resources on disks

The RDB configuration parameter file is placed on the local disks.

10. Create an RDB dictionary

Create an RDB dictionary by executing the appropriate batch file (one of the scripts). This resource is placed on the shared disk, sothis task only needs to be performed on the active node. Refer to "4.2.4.1 Creating an RDB Dictionary" for details.

11. Start Symfoware Server

Start Symfoware Server on the active node. Refer to "4.2.4.3 Starting Symfoware Server" for details.

12. Create a work database

Create a work database by executing the appropriate batch file (one of the scripts). This resource is placed on the shared disk, sothis task only needs to be performed on the active node. Refer to "4.2.4.4 Creating a Work Database" for details.

After creating the work database, start Information Integrator in COLD start mode. After Information Integrator has started, stopboth Information Integrator and Symfoware Server.



Tasks on the standby node



- 96 -

2. Set up system parameters

Set up system parameters. Set up the same system parameters as for the active node. Refer to "3.2.3 Setting Up System Parameters[UNIX Only]" for information on the setup method.


Set up environment variables. Set up the same environment variables as for the active node. Refer to "3.2.4 Setting Up EnvironmentVariables" for details.

4. Create a directory

Create the directory that was specified for "DBMS.user_control" in the tuning parameter file.

5. Copy scripts

Copy the following script files that have been created on the active node to the standby node:

File name Storage location for the source files (on the active

node)Storage location for the

copied files (on thestandby node)

RDBSystemName.cfg tuningParameterFileSYSTEM.output_dirDir/env - For Solaris

/opt/FSUNrdb2b/etc

- For Linux

/opt/FJSVrdb2b/etc

fssqlenv

rdbbuf

tuningParameterFileSYSTEM.output_dirDir/env The directory created inStep 4



10.4.2.4 SharingTo perform this operation log in as a superuser.

Prepare Information Integrator to run as a cluster system by sharing the environment and definitions between the active node and thestandby node.

This operation performs different processing on the active node and the standby node.

- Information Integrator

- Customize the state transition procedure (active node)

Before executing the ificl setup command, the state transition procedure must be customized according to the user operation mode.A sample state transition procedure is provided in the following directory:

/opt/FJSVifisv/sample/cluster/switch_FJSVifisv

Place this file in the following directory before customizing it:

/opt/FJSVifisv/etc/switch_FJSVifisv

- For Solaris 10, delete the "#" in front of "/usr/bin/newtask -p system -c $$" as below.

Before

##------ newtask add ------

#/usr/bin/newtask -p system -c $$

- 97 -

After

##------ newtask add ------

/usr/bin/newtask -p system -c $$

- Customize the environment variables

Refer to "3.2.4 Setting Up Environment Variables" for information on the environment variables to be customized. Also, setup the following environment variables according to the operation mode for the user:

Table 10.3 Customizable items

Environmentvariable

Settings

IFI_ID Use the default value "00".

MONPROC_FLG To enable process monitoring, enter the default value "ON".To disable process monitoring, enter "OFF".

HULPATH Specify the directory for storing HULFT environment settings files. Refer to "6.2.4Notes on Setup" for information on the operating environment for HULFT.

HULEXEP Specify the directory for storing HULFT execution modules. Refer to "6.2.4 Noteson Setup" for information on the operating environment for HULFT.

- Symfoware Server

Register the RDB system resource with PRIMECLUSTER. The resource name that is registered is the RDB system name that wasspecified for the "RDBNAME" environment variable.

Log in as a superuser to execute the command on both the active node and the standby node.

- For Solaris

/opt/FSUNrdb2b/bin/rdbhsrsc -a -m standby

- For Linux

/opt/FJSVrdb2b/bin/rdbhsrsc -a -m standby

10.4.2.5 Registering Information Integrator ResourcesRegister the state transition procedure with PRIMECLUSTER and then register the resources. Log in as a superuser to execute the shellscript (ificlsetup) for registering the state transition procedure as a resource, in accordance with the procedure described below.

This shell script deletes files and directories and creates symbolic links. Execute this script on both the active node and the standby node(only once on each node).

The storage location for the shell script is as below.

/opt/FJSVifisv/bin/

Note

Execute the shell script (ificlsetup) once on the active node and once on the standby node. Do not execute the shell script more than onceon each node.

Active node

1. Back up Information Integrator resources

Back up the resources for Information Integrator.

- 98 -

tar cvf userSpecifiedFileName_opt.tar /opt/FJSVifisv

tar cvf userSpecifiedFileName_var.tar /var/opt/FJSVifisv

tar cvf userSpecifiedFileName_etc.tar /etc/opt/FJSVifisv

2. Mount the shared disk

Mount the shared disk so that the disk can be referenced from the active node.

3. Register resources

To register resources, execute the shell script (ificlsetup). Specify the resource name "IFI" for the "-n" option. Note that any namecan be specified for the mount point.

ificlsetup -m failoverDiskMountPoint -n IFI -M

Refer to "10.4.2.5.1 When the Command Terminates Abnormally" for information on command errors.

Information

Resource name

The "resource name" is the name for registering Information Integrator with the PRIMECLUSTER system.

Standby node

1. Back up Information Integrator resources

Back up the resources for Information Integrator.

tar cvf userSpecifiedFileName_opt.tar /opt/FJSVifisv

tar cvf userSpecifiedFileName_var.tar /var/opt/FJSVifisv

tar cvf userSpecifiedFileName_etc.tar /etc/opt/FJSVifisv

2. Mount the shared disk

Mount the shared disk so that the disk can be referenced from the standby node.

3. Register resources

To register resources, execute the shell script (ificlsetup). For the "-n" option, specify the resource name specified on the activenode.

ificlsetup -m failoverDiskMountPoint -n IFI-S

Refer to "10.4.2.5.1 When the Command Terminates Abnormally" for information on command errors.

Execution example for the ificlsetup shell script

In the following example, the shell script is executed on the active node for standby operations:

# ./ificlsetup -m failoverDiskMountPoint -n IFI-M

60 <- The resource ID corresponding to the "-n" option is notified.

10.4.2.5.1 When the Command Terminates Abnormally

This section explains what to do if the ificlsetup command terminates abnormally.

Refer to the error message that was output when the ificlsetup command was executed, and take the following action:

- If the error message contains the string "clsetproc" or "claddprocrsc"

1. Rectify the problem by using the information provided in the error message.

- 99 -

2. Execute the command below. Specify the registered resource name for the "-n" option.

ificlsetrsc -n IFI

Check that the resource ID corresponding to the "-n" option has had the change applied after the command is executed.

- For all other cases

1. Restore the environment.

a. Execute the following command:

ificlsetup -r

b. Restore the environment based on the Information Integrator resources backup prior to resource registration.

tar xvf userSpecifiedFileName_opt.tartar xvf userSpecifiedFileName_var.tartar xvf userSpecifiedFileName_etc.tar

2. Rectify the problem by using the information provided in the error message.

3. Re-execute the "ificlsetup" command.

10.4.2.6 Creating Cluster ResourcesCreate the database and create other product resources as "resources managed by PRIMECLUSTER".

The resources below will need to be created.

Refer to the PRIMECLUSTER manual for information on the tasks to be performed.

- RDB


Note

For Linux, perform the procedure in "10.4.2.7 Creating User Applications" before creating cluster resources.

For Solaris

Create the necessary resources in Global Cluster Services in the Web-Based Admin View. Refer to the PRIMECLUSTER manual forinformation on the procedure.

1. Stop RMS.

2. Register the resources below with the user application. Specify the following items when creating cluster resources:

- RDB

Resource type: "Symfoware"

RDB system name: The name specified in the "RDBNAME" environment variable


Resource type: "Procedure"

Resource name: "IFI"

Procedure class: "BasicApplication"

Procedure resource name: "IFI"

- 100 -

For Linux

After stopping the RMS in Global Cluster Services in the Web-Based Admin View, create the necessary resources using thePRIMECLUSTER RMS Wizard. Refer to the PRIMECLUSTER manual for information on the procedure.

1. Stop RMS using Global Cluster Services in the Web-Based Admin View.

2. Execute the hvw command to start the RMS Wizard.

3. Select Application-Edit from the Main RMS management menu of the RMS Wizard.

4. Select the desired application from the Application selection menu.

5. Use the turnkey wizard "STANDBY" to register the following resources:

- RDB

1. Select Symfoware.

2. Select AdditionalResource.

3. Select the RDB system name.

Select the same name as that specified in the "RDBNAME" environment variable

Check that the name of the RDB system has been set for "ResourceName".

4. Select SAVE+EXIT.


1. Select Procedure:BasicApplication.

2. Select AdditionalProcedureResource.

A list of cluster resources will be displayed.

3. Select IFI.

4. Select SAVE+EXIT.

6. Perform the "Generate" and "Activate" operations.

- Select Configuration-Generate from the Main RMS management menu.

- Select Configuration-Activate from the Main RMS management menu.

10.4.2.7 Creating User ApplicationsCreate a user application to link the resources that have been created in "10.4.2.5 Registering Information Integrator Resources".

Refer to the PRIMECLUSTER manual for information on the tasks to be performed.

For Solaris

Create the user applications to be linked to the created resources in Global Cluster Services in the Web-Based Admin View. Refer tothe PRIMECLUSTER manual for information on the procedure.

1. Stop RMS.

2. Delete the user application.

Select userApplication to delete only the user application.

3. Create user applications, specify the parameters, and configure to suit the operating environment. Setting examples are shown below.Refer to the PRIMECLUSTER manual for details.

- AutoStartUp

Yes

- AutoSwitchOver

No

- 101 -

- PersistentFault

1

- OnlinePriority

NONE

- ShutdownPriority

No

- StandbyTransitions

0

- HaltFlag

Yes

For Linux

After stopping the RMS in Global Cluster Services in the Web-Based Admin View, create the user applications to be linked to thecreated resources using the PRIMECLUSTER RMS Wizard. Refer to the PRIMECLUSTER manual for information on the procedure.


2. Execute the hvw command to start the RMS Wizard.

3. Use the RMS Wizard to create a user application.

- To create a new user application, select Application-Create from the Main RMS management menu.

- To utilize an existing user application, select Application-Edit from the Main RMS management menu and change theconfiguration.

Specify the attributes.

Setting examples are shown below. Configure to suit the operating environment. Refer to the PRIMECLUSTER manual for details.

- AutoStartUp

yes

- AutoSwitchOver

HostFailure|ResourceFailure

- PersistentFault

1

- OnlinePriority

0

- ShutdownPriority

NONE

- StandbyTransitions

StartUp|SwitchRequest

- HaltFlag

Yes

- 102 -

10.5 Uninstallation

10.5.1 For WindowsTo uninstall Information Integrator that has been installed on a cluster system, first delete the Information Integrator resources from theFailover Cluster. Then, bring the physical disk resource online to enable the shared disk to be used, and perform the uninstallation.

Deleting Information Integrator resources from Failover Cluster

Use the Failover Cluster Management tool to delete the generic service resources for Information Integrator from Failover Cluster.

Bringing the shared disk online and uninstalling

- Active node

Before uninstalling Information Integrator, bring the physical disk resource online so that it is possible to write to the shared diskusing the Failover Cluster Management tool.

- Standby node

Before uninstalling Information Integrator, bring the physical disk resource for the standby node online by moving the group so thatit is possible to write from the standby node to the shared disk using the Failover Cluster Management tool.

10.5.2 For UNIX

Deleting cluster resources

- For Solaris

1. Stop RMS.

2. Delete the user application and the cluster resources.

Select userApplication to delete only the user application.

When deleting cluster resources, the RDB and Information Integrator deletion sequence is unimportant.

- For Linux


2. Use the PRIMECLUSTER RMS Wizard to delete the user application and the cluster resources.

Deleting the active node

- Log in to the active node.

- Execute the following command and check the resource ID for the resource name "IFI":

/etc/opt/FJSVcluster/bin/clgettree

[Execution example]

Node 3 clsrv_01 ON

SDX_DC 68 class0003 OFF-STOP

SDX_DC 502 class2003 OFF-STOP

Ethernet 52 hme0 UNKNOWN

IP_Address 1562 hme0:1 UNKNOWN

BasicApplication 1636 IFI OFF-STOP

DISK 23 c0t0d0 UNKNOWN



In the example above, the resource ID for "IFI" is "1636".

- 103 -

1. Delete Information Integrator resources and the state transition procedure, and cancel sharing.Replace the resource ID with the resource ID for "IFI".

ificlsetup -r

/etc/opt/FJSVcluster/bin/cldelprocrsc -r resourceID

/etc/opt/FJSVcluster/bin/cldelproc -c BasicApplication switch_FJSVifisv

2. Symfoware Server

Delete the RDB system. Execute the command as a superuser.

Delete the resource for Symfoware Server beforehand. (Resource name: RDBsystemName)

Execute this command on both the active node and the standby node.

- For Solaris

/opt/FSUNrdb2b/bin/rdbhsrsc -d

- For Linux

/opt/FJSVrdb2b/bin/rdbhsrsc -d

3. Uninstall Information Integrator.

Deleting the standby node

Log in to the standby node and perform the same operations as for the active node.

Note that the resource ID on the standby node is not the same as on the active node, so be sure to check.

10.6 Notes on Changing DefinitionsTo change the definitions for Information Integrator with Failover Cluster, use the Failover Cluster Management tool to bring the physicaldisk resource online so that it is possible to write to the shared disk. Similarly, be sure to bring the resource for the "Interstage InformationIntegrator SV" service online before changing the definitions.

10.7 Notes when a Failover OccursIf a failover occurs during process execution on a Failover Cluster, perform the recovery procedure on the node to which operationsswitched. Refer to the Operation Guide for details.

- 104 -

Appendix A Supplementary InformationThis appendix presents supplementary information on the setup tasks for Information Integrator.

A.1 Correcting Errors with the ifimks CommandIf an error is detected when the ifimks command is executed, it may be due to the causes shown below.

Identify the cause of the error from the error message, and take the appropriate action.

Table A.1 Errors with the ifimks command and actions to take

Error message Cause Action

Specified output directory does not exist.The directory specified for"SYSTEM.output_dir" does not exist.

Check whether the value specified for"SYSTEM.output_dir" is a directory thatalready exists.

Specified output directory access error.The directory specified for"SYSTEM.output_dir" cannot be accessed.

Check whether the value specified for"SYSTEM.output_dir" is a directory thatalready exists.

It overlaps operand - operand.An operand (either "-m" or "-f") has beenduplicated.

Check the specified operands.

There is an error with the specified value ofthe operand. - operand

The value specified for an operand isincorrect.

Check the operands specified when thecommand was executed.

Specified file path is too long. - operand The specified file name is too long. Change the file name.

A required operand is not specified. A required operand is missing. Check the specified operands.

Specified file is not found. The tuning parameter file does not exist. Check the tuning parameter file.

Specified file access error.The tuning parameter file cannot beaccessed.

Check the tuning parameter file.

Specified file path is invalid. The specified file path is invalid.Check the tuning parameter file.Also, check whether the directories enteredin the tuning parameter file are correct.

Temporary resource access error. An error has occurred during area allocation.Re-execute the command.If this error reoccurs, contact Fujitsutechnical support.

Failed to read the tuning parameter file. Reading the tuning parameter file has failed. Check the tuning parameter file.

Tuning parameter file is 0 bytes.

The size of the tuning parameter file is zerobytes.Alternatively, no keys have been specifiedin the tuning parameter file.

Check the tuning parameter file.

An invalid value is specified. Key An invalid value has been specified. Check the value specified for the key.

Specified value is too long. - key The specified value is too long. Check the value specified for the key.

ESTIMATE key(retent_period orprc_in_day or indtran_in_day orfunc_in_day or databox) is not specified.

One of the following keys has not beenspecified:

- retent_period

- prc_in_day

- indtran_in_day

- func_in_day

- databox

Check the content of the tuning parameterfile.

- 105 -

Error message Cause Action

ESTIMATE key(data_retent_period ordata_in_day) is not specified.

One of the following keys has not beenspecified:

- data_retent_period

- data_in_day


ESTIMATE key(bundle_data) is notspecified.

The following estimation parameter has notbeen specified:

- bundle_data


Failed to estimate the DB capacity. Estimating the database capacity has failed. Contact Fujitsu technical support.

An internal conflict occurred. An internal conflict has occurred. Contact Fujitsu technical support.

Failed to output the table ddl file. Outputting the "table" DDL file has failed. Contact Fujitsu technical support.

Failed to output the dbms file. Outputting the "DBMS" file has failed. Contact Fujitsu technical support.

Failed to output the shell script or batch file. Outputting the "SHELL" file has failed. Contact Fujitsu technical support.

Failed to output the ddl file. Outputting the "DDL" file has failed. Contact Fujitsu technical support.

Failed to output the buffer file. Outputting the "BUFFER" file has failed. Contact Fujitsu technical support.

ESTIMATE key(prc_multi or bundle_data)is not specified.

Either of the following estimationparameters has not been specified:

- prc_multi

- bundle_data


Failed to output the iap file. Outputting the "IAP" file has failed. Contact Fujitsu technical support.

It overlaps key. - key The key value has been duplicated.Check the content of the tuning parameterfile.

An invalid key is specified. - key An invalid key value has been specified.Check the key values in the tuning parameterfile.

An invalid operand is specified. An invalid operand has been specified.Check the operands specified when thecommand was executed.

A required key is not specified. - key A required key is missing.Check the content of the tuning parameterfile.

A required key's value is not specified. - key A required key value is missing.Check the content of the tuning parameterfile.

The number of the characters per line is toomany.

The number of characters per line is toomany.


A.2 Correcting Errors with Creating a Management AreaIf an error is detected when a management area is being created, it may be due to the causes shown below.

Identify the cause of the error from the error message that is displayed, and take the appropriate action.

Table A.2 Errors with creating a management area and actions to take

Cause Action

An environment variable has not been setcorrectly.

Review the environment variable settings by referring to "3.2.4 Setting UpEnvironment Variables". Re-execute the command after taking action.

A file has not been copied, or is not a currentversion.

Copy the file correctly by referring to "4.2.3 Creating Scripts". Re-executethe command after taking action.

- 106 -

Cause Action

A script for creating a management areadoes not exist in the current directory.

Refer to "4.2.3 Creating Scripts". Re-execute the command after takingaction.

The current user does not have executionrights for a script for creating a managementarea.

Refer to "4.2.3 Creating Scripts" and "4.2.4 Creating a Management Area".Re-execute the command after taking action.

The directory that should have been createddoes not exist.

Use the message to identify the directory in question, and determine whichof the following two problems applies:

- The directory in question has not been createdCreate the directory.

- Input error in the tuning parameter fileIf there are differences between the estimated environment and the actualenvironment or if the directory in question has been deleted during theenvironment reconfiguration or migration as a result of businessexpansion, for example, an information inconsistency will occur. In thiscase, it may be time consuming to isolate the cause of the problem. Forthis reason, it is recommended to start again from editing the tuningparameter file.

The actual amount of free space on the rawdevice or directory in the server is less thanthe estimation result.

Start again from editing the tuning parameter file, and recheck the serverenvironment and the estimated values for the server before starting work. Ifthere are differences between the estimated environment and the actualenvironment or if the directory in question has been deleted during theenvironment reconfiguration or migration as a result of business expansion,for example, an information inconsistency will occur. In this case, it may betime consuming to isolate the cause of the problem. For this reason, it isrecommended to start again from editing the tuning parameter file.

Symfoware Server is not running. Refer to "4.2.4 Creating a Management Area". Re-execute the command aftertaking action.

The BI log area that was specified when therdblog command was executed is too large.

Use the ifimks command to make estimates, and check whether the value of"DBMS.log" is more than 31 GB.

If the value is more than 31 GB, review the values specified for the followingkeys in the tuning parameter file so that the estimation result is 31 GB or less:

- ESTIMATE.bundle_data

- ESTIMATE.prc_multi

If an error is detected while a script for creating an environment is running, eliminate the cause of the error, execute the script for deletingthe environment, and then re-execute the script where the error occurred.

The following table shows the correspondence between environment creation scripts and environment deletion scripts:

Table A.3 Correspondence between environment creation scripts and environment deletion scripts (for Windows)

Script type File name

For RDB dictionary environments Creation script ifirdbsetup.bat

Deletion script ifirdbdel.bat

For work databases Creation script ifi_createrdb00.bat

Deletion script ifi_droprdb00.bat

- 107 -

Table A.4 Correspondence between environment creation scripts and environment deletion scripts (for UNIX)Script type File name

For RDB dictionary environments Creation script ifirdbsetup.sh

Deletion script ifirdbdel.sh

For work databases Creation script ifi_createrdb00.sh

Deletion script ifi_droprdb00.sh

Execution example of the script for deleting an RDB dictionary environment

- For Windows

cmd /c .\ifirdbdel.bat

- For UNIX

./ifirdbdel.sh

Execution example of the script for deleting a database

- For Windows

cmd /c .\ifi_droprdb00.bat

- For UNIX

./ifi_droprdb00.sh

Note

When an environment deletion script is executed, an error message may be output. This happens because the environment deletion scriptattempts to delete all of the areas that should have been created, whereas in fact not all areas have been created because an error occurredmidway through creating the environment.This means that there is no need to take any action for the errors that are detected when an environment deletion script is executed.

- 108 -

Appendix B Notes Regarding Setup when Using theInformation Integrator Server

All III Agent definitions can be managed centrally by linking with the Information Integrator Server.

This appendix presents some points to note regarding setup when linking the Information Integrator Server and III Agent.

- Register Process Flow definitions using the III Agent

Definitions need to be registered on an Information Integrator Server with the Information Integrator Server installed (referred to asthe Information Integrator Server hereafter), then the definitions need to be delivered to the III Agent in order for Process Flows tobe run with the III Agent.

Refer to "B.1 Delivering Process Flow Definitions to the III Agent" for details.

- Create the environment required to register definitions in the III Agent

To register definitions in the III Agent, an environment that can deliver definitions from the Information Integrator Server needs tobe created.

Refer to "B.2 Creating the Environment Required to Register Definitions in the III Agent" for details.

B.1 Delivering Process Flow Definitions to the III AgentWhen the Information Integrator Server and the III Agent are to be linked, Process Flow definitions for the III Agent are created andmanaged on the Information Integrator Server.

The procedure for delivering Process Flow definitions to the III Agent is as follows:

1. Register the definitions on the Information Integrator Server

Create the Process Flow definitions to be used on the III Agents and register the definitions in the Information Integrator Server.

- 109 -

2. Execute the process for delivering definitions (F3jnGenExec_AE_PROC), provided by the Information Integrator Server, on theInformation Integrator Server. The process for delivering definitions (F3jnGenExec_AE_PROC), delivers all of the definitionsregistered on the Information Integrator Server to the III Agents.

3. The process for registering definitions (F3jnGenExec_CL_PROC) is automatically executed on the III Agents and registers all ofthe definitions. Check that the definitions have been correctly registered on each of the III Agents.

- Registration is not performed if the process for registering definitions (F3jnGenExec_CL_PROC) ends with an error. Possiblecauses are as follows:

- There is an error in the operating environment file of the III Agent

- A Process Flow is being processed on the III Agent

- The Information Integrator Server process for delivering definitions ended with an error, but recovery was not performed

- If the character code of the Information Integrator Server OS and the character code of the III Agent OS are different, thereis an error in the plug-in specified for matching the III Agent OS character code

- If definition registration was not performed correctly, perform recovery with the III Agent that ended in an error (remove thecause of the error and delete the data in the collection DataBox "F3jnGenExec_CL_IPT_BOX"), then perform steps 2 and 3again.

Point

- All of the definitions (definitions used by the Information Integrator Server and the III Agents) registered on the Information IntegratorServer are delivered to the III Agents. By putting Process Flow definitions in process groups with unique names for each of the IIIAgents, it is possible to reference just those definitions applicable to each of the systems.

- If execution schedules have been defined for Process Flows, stop scheduled execution after performing step 3 so that Process Flowsare not unexpectedly executed on the Information Integrator Server or III Agent.

- All of the definitions used by the Information Integrator Server and the III Agent are managed by the Information Integrator Server,so back up and restore definition resources on the Information Integrator Server. After restoring the definition resources, perform steps2 and 3 to deliver the definitions to the III Agents.

B.1.1 Adding, Changing, and Deleting Process Flow Definitions on the IIIAgent

When adding, changing, and deleting Process Flow definitions on the III Agent, after adding, changing, and deleting definitions on theInformation Integrator Server, deliver the definitions (definitions used by the Information Integrator Server and the III Agents) registeredon the Information Integrator Server to the III Agents.

Refer to "B.1 Delivering Process Flow Definitions to the III Agent" for details.

B.2 Creating the Environment Required to Register Definitions inthe III Agent

The following describes the procedure for creating the environment required to register definitions in the III Agent:

- When installing the Information Integrator Server and the III Agent for the first time

Refer to "B.2.1 When Installing a III Agent for the First Time".

- When adding a new III Agent to an environment where the Information Integrator Server and III Agent are already linked

Refer to "B.2.2 When Adding a III Agent".

- When deleting a III Agent from an environment where the Information Integrator Server and III Agent are already linked

Refer to "B.2.3 When Deleting the III Agent".

- 110 -

Note

- When the "HTTP" transfer protocol is used on the Information Integrator Server (cannot be used on the III Agent), set the "systemname"key in the operating environment file before starting the Information Integrator Server and III Agent. Refer to "4.1.1.2 Key Namesand Parameter Values in the Operating Environment File" for information on operating environment files.

- If the OS of the Information Integrator Server and the OS of the III Agent are different and at least one of them is Windows, specify"1" in the "gen_oschk_lv" key in the operating environment files of the Information Integrator Server and all of the III Agents. Referto "4.1.1.2 Key Names and Parameter Values in the Operating Environment File" for information on operating environment files. Thesystem needs to be restarted if the operating environment file has been modified.

B.2.1 When Installing a III Agent for the First TimeWhen the Information Integrator Server and the III Agent are linked for the first time, an environment needs to be created to deliver allof the definitions registered in the Information Integrator Server to the III Agent.

Performing the procedure on the Information Integrator Server

1. In the HOSTS file for the Information Integrator Server, set the host information for the III Agent to be connected. Refer to "3.2.1Setting Up the HOSTS (hosts) File " for information on configuring the HOSTS file.

2. Create a process definition (sample definition) for delivering definitions to the III Agents.

First, register the sample definition provided by the Information Integrator Server to the Information Integrator Server. Execute theifigenexec command (simple definition operation) on the Information Integrator Server to register the sample definitions on theInformation Integrator Server. Stop Information Integrator Server before executing this command.

Windows

ifigenexec.cmd ADD informationIntegratorServerInstallationDir\sample\defproc\defexecproc.xml

UNIX

ifigenexec.cmd ADD /opt/FJSVifisv/sample/defproc/defexecproc.xml

Note that if messages starting with "IF" are output when the command is executed, processing may have failed due to the reasonsshown below. Refer to the Command Reference, take the action recommended, and re-execute the command.

- The file name is not a full path.

- An invalid file name was specified.

- The user executing the command does not have administrator rights.

3. Start the Information Integrator Server.

4. Edit the registered definition

Edit the sample definition registered on the Information Integrator Server to suit the III Agent environment.

- How to edit

Use III Studio extract the definitions, then edit them.

- Name of definition to be acquired

Data source definition ID "F3jnGenExec_AE_SRC" and "F3jnGenExec_CL_SRC"

- Content to edit

F3jnGenExec_AE_SRC

This is the definition that enables communication (using the "FTP+" protocol) between the Information Integrator Server andthe III Agent. Note that communication using the "FTP+" protocol also uses this definition. Edit the following:

- Remote system name (Host name of the Information Integrator Server)

- 111 -

- Remote system user (III Agent authentication)

- Remote system password (III Agent authentication)

- Local system user (Information Integrator Server authentication)

- Local system password (Information Integrator Server authentication)

- Communication path (set to correspond to F3jnGenExec_CL_SRC mentioned later)

F3jnGenExec_CL_SRC

This is the definition that enables communication (using the "FTP+" protocol) between the III Agent and the InformationIntegrator Server. Note that communication using the "FTP+" protocol also uses this definition. Edit the following:


- Remote system user (Information Integrator Server authentication)

- Remote system password (Information Integrator Server authentication)

- Local system user (III Agent authentication)

- Local system password (III Agent authentication)

- Communication path (set to correspond to F3jnGenExec_AE_SRC mentioned earlier)

Furthermore, if the character code of the Information Integrator Server OS and the character code of the III Agent OS aredifferent, with the process for delivering definitions (F3jnGenExec_AE_PROC), use the plug-in provided with the InformationIntegrator Server to match the character code of the III Agent OS, then deliver the data (deliver definitions). Specify the plug-in to be used in the process definition in accordance with the environment to be used. Ensure the definition executes the plug-in prior to the data being delivered.

OS character code Name of plug-in to be used

Information IntegratorServer

III Agent

EUC(S90) Shift-JIS F3jnGenExec_CNV_PLG_Euc2Sjis

EUC(S90) UTF-8 F3jnGenExec_CNV_PLG_Euc2Utf8

Shift-JIS EUC(S90) F3jnGenExec_CNV_PLG_Sjis2Euc

Shift-JIS UTF-8 F3jnGenExec_CNV_PLG_Sjis2Utf8

UTF-8 EUC(S90) F3jnGenExec_CNV_PLG_Utf82Euc

UTF-8 Shift-JIS F3jnGenExec_CNV_PLG_Utf82Sjis

5. Register the edited definition to the Information Integrator Server.

Register the edited definition to the Information Integrator Server. Register the definition using III Studio.

6. Perform the following on the Information Integrator Server:

Use the ifigenexec command (simple definition operation) to export registered definitions. Stop Information Integrator Server beforeexecuting this command.

ifigenexec.cmd EXP none export definition file

* Specify the file name with a full path.





- 112 -

7. Use an FTP tool to move the resources output in step 6 to the III Agent.

Performing the procedure on the III Agent

1. In the HOSTS file for the III Agent, set the host information for the Information Integrator Server. Refer to "3.2.1 Setting Up theHOSTS (hosts) File " for information on configuring the HOSTS file.

2. Perform the following on the III Agent:

Use the ifigenexec (simple definition operation) command to import the definitions exported on the Information Integrator Server.Stop Information Integrator Server before executing this command.

ifigenexec.cmd IMPF export definition file process results file


Furthermore, if the character code of the Information Integrator Server OS and the character code of the III Agent OS are different,first use the ificnvdat (text format character code conversion) command on the III Agent to convert the exported definition file tothe character code of the III Agent OS. Refer to the Command Reference for information on commands.





- The III Agent has never been started after installation.Use cold start when starting for the first time.

B.2.2 When Adding a III AgentThe procedure for adding a III Agent is as follows. Refer to "B.2.1 When Installing a III Agent for the First Time" for the procedure forinstalling the III Agent for the first time.


1. In the HOSTS file for the Information Integrator Server, set the host information for the III Agent to be connected. Refer to "3.2.1Setting Up the HOSTS (hosts) File " for information on configuring the HOSTS file.

2. Reference the data source definitions (definition IDs "F3jnGenExec_AE_SRC" and "F3jnGenExec_CL_SRC") used by the ProcessFlow provided by the Information Integrator Server.

Save the referenced definition with a different name and then check.

3. Edit the data source definition to suit the III Agent to be connected.

- F3jnGenExec_AE_SRC

This is the definition that enables communication (using the "FTP+" protocol) between the Information Integrator Server andthe III Agent. Note that communication using the "FTP+" protocol also uses this definition. Edit the following:

- Remote system name (Host name of the III Agent)


- Remote system pass(III Agent authentication)



- Communication path (set to correspond to F3jnGenExec_CL_SRC mentioned earlier)

- F3jnGenExec_CL_SRC

This is the definition that enables communication (using the "FTP+" protocol) between the III Agent and the InformationIntegrator Server. Edit the following. Note that send files and receive files using the "FTP+" protocol also uses this definition.

- 113 -



- Remote system password (III Agent authentication)



- Communication path (set to correspond to F3jnGenExec_AE_SRC mentioned earlier)

4. Register the definitions edited in step 3 with different ID names. The ID name can be user defined.

5. Edit the process definition (definition ID "F3jnGenExec_AE_PROC") for delivering definitions provided by the InformationIntegrator Server.

a. Copy the data delivery definition "F3jnGenExec_AE_OPT_A".

b. Edit the copied data delivery definition.

After editing the Data delivery group ID, also edit the DataBox to suit the environment.

Furthermore, of the data source definitions registered in step 4, specify the definition that is used by the Information IntegratorServer to communicate with the III Agents (original ID name "F3jnGenExec_AE_SRC").

c. Add this data delivery definition to the process definition. For the process preceding the added data delivery definition, specifythe plug-in definition "F3jnGenExec_AE_PLG01" as was done with the data delivery definition "F3jnGenExec_AE_OPT".

d. If the character code of the Information Integrator Server OS and the character code of the III Agent OS are different, firstuse the following plug-in provided with the Information Integrator to match the character code of the III Agent OS. Specifythe plug-in to be used in the process definition in accordance with the environment to be used. Ensure the definition executesthe plug-in prior to the data being delivered.

OS character code Name of plug-in to be used

Information IntegratorServer

III Agent

EUC(S90) Shift-JIS F3jnGenExec_CNV_PLG_Euc2Sjis

EUC(S90) UTF-8 F3jnGenExec_CNV_PLG_Euc2Utf8

Shift-JIS EUC(S90) F3jnGenExec_CNV_PLG_Sjis2Euc

Shift-JIS UTF-8 F3jnGenExec_CNV_PLG_Sjis2Utf8

UTF-8 EUC(S90) F3jnGenExec_CNV_PLG_Utf82Euc

UTF-8 Shift-JIS F3jnGenExec_CNV_PLG_Utf82Sjis

6. Edit the process definition (definition ID "F3jnGenExec_CL_PROC") for registering definitions provided by the InformationIntegrator Server.

a. In the data collection definition data source list, of the data source definitions registered in step 4, specify the definition thatis used by the Information Integrator Server to communicate with the III Agents (original ID name "F3jnGenExec_CL_SRC").

b. Specify "F3jn-Gen-ExData.*" in "Notified file name".

7. Register the edited definition to the Information Integrator Server.

Register the edited definition to the Information Integrator Server. Register the definition using III Studio.

8. Perform the following on the Information Integrator:

Use the ifigenexec (simple definition operation) command to export registered definitions. Stop Information Integrator Server beforeexecuting this command.

ifigenexec.cmd EXP none export definition file


- 114 -

If the character code of the Information Integrator Server OS and the character code of the III Agent OS are different, use theificnvdat (text format character code conversion) command to convert the exported definition file to the character code of the IIIAgent OS. Refer to the Command Reference for information on commands.





9. Use an FTP tool to move the resources output in step 8 to the III Agent.

Performing the procedure on the III Agent

1. In the HOSTS file for the III Agent, set the host information for the Information Integrator Server. Refer to "3.2.1 Setting Up theHOSTS (hosts) File " for information on configuring the HOSTS file.

2. Perform the following on the III Agent:

Use the ifigenexec (simple definition operation) command to import the definitions exported on the Information Integrator Server.Stop Information Integrator Server before executing this command.

ifigenexec.cmd IMPF export definition file process results file


If the character code of the Information Integrator Server OS and the character code of the III Agent OS are different, first use theificnvdat (text format character code conversion) command on the III Agent to convert the exported definition file to the charactercode of the III Agent OS. Refer to the Command Reference for information on commands.





- The III Agent has never been started after installation.Use cold start when starting for the first time.

B.2.3 When Deleting the III Agent- When it is no longer necessary to link the Information Integrator Server with the III Agent and this type of operation is to be stopped,

delete the definition for delivering definition using the procedure below.


Obtain the process definition for delivering definitions "F3jnGenExec_AE_PROC" and delete the delivery definition for the III Agent tobe deleted from the process definition.

Note

- Do not delete the process definition while it is being used.

- Even if a delivery definition is deleted, the Process Flow definitions that have already been delivered to the III Agent are not deleted.When a Process Flow definition of a III Agent becomes unnecessary, first delete the Process Flow definition of the III Agent beforedeleting the delivery definition. Refer to "B.1.1 Adding, Changing, and Deleting Process Flow Definitions on the III Agent" forinformation on how to delete the Process Flow definitions for the III Agent.

- 115 -

Appendix C Certificate Management Package CommandsThis chapter explains the commands provided in the certificate management package.

C.1 Location of the CommandsCertificate management package commands are stored in the following location:

- UNIX

/usr/bin

- Windows (32-bit)

windowsOSinstallDisk\Program Files\Common Files\Fujitsu Shared\F3FSSMEE

- Windows (64-bit)

windowsOSinstallDisk\Program Files (x86)\CommonFiles\Fujitsu Shared\F3FSSMEE

C.2 Compatible Character SetsThe characters that can be used in the private keys, PINs, and other strings specified with the commands of the certificate managementpackage are predetermined. Refer to the following table:

Category: Character

Alphabet ABCDEFGHIJKLMNOPQRSTUVWXYZ

abcdefghijklmnopqrstuvwxyz

Numerals 123456789

Symbols !"#%&'()*+,-./:;<=>?[\]^_{|}~

Spaces ' '

C.3 mkslt (Generate Slot)

Description

Creates the slot in the slot directory.

Notes

- When entering a slot password, the characters are hidden.

- Refer to "C.2 Compatible Character Sets" for information on compatible characters for the slot password.

- The user must manage the slot password specified in this command and the slot ID that is returned by the command.

Command format

mkslt -sd slotDir

Operand

-sd slotDir

Specify the slot directory where the slot is to be created using a full path. The slot directory must have already been created.

- 116 -

Command execution example (UNIX)

When the command is executed, enter a slot password into the dialog. Below is an example of the dialog when generating the slot. Theslot directory is created in "/home/slot" in the following example:

Example# mkslt -sd /home/slot

Setting Slot-password.

Slot-password: <- (1) slotPwd

Retype: <- (2) Re-enter slotPwd

mkslt: Succeeded. New Slot-ID Is 1. <- (3) completionMessage

Example#

Enter the slot password in (1) and (2) using 6 to 128 characters. The slot password set with this command is used when executing mktkn.

(3) The command execution results and the generated slot ID are displayed. In the above example, the slot ID is 1.

C.4 mktkn (Generate Token)

Description

Generates and attaches a token for the slot.

Notes

- When entering a slot password, SO-PIN, and user PIN, the characters are hidden.

- The user must manage the SO-PIN and user PIN set with this command. Set the user PIN in the "token password" when using SSLcommunication with the Information Integrator Server.

Command format

mktkn -sd slotDir

-sn slotID

-tl tokenLabel

Operand

-sd slotDir

Specify the slot directory using a full path.

-sn slotID

Specify the slot that will accept the token. Specify the slot ID notified by mkslt.

-tl tokenLabel

Specify a string of no more than 32 characters for the token label of the token to be generated. The token label specified is used toidentify the token. Refer to "C.2 Compatible Character Sets" for information on compatible characters.


When the command is executed, enter a slot password into the dialog. Below is an example of the dialog when generating the slot. Theslot directory is created in "/home/slot" in the following example:

Example# mktkn -sd /home/slot/ -sn 1 -tl Token01

Slot-password: <- (1) slotPwd

Setting SO-PIN (also used as Token-password).

SO-PIN: <- (2) SO-PIN

- 117 -

Retype: <- (3) Re-enter SO-PIN

Setting User-PIN.

User-PIN: <- (4) userPIN

Retype: <- (5) Re-enter userPIN

Example#

(1) Enter the slot password set with mkslt.

Enter the SO-PIN in (2) and (3) using 6 and 128 characters. Refer to "C.2 Compatible Character Sets" for information on compatiblecharacters that can be used.

Enter the user PIN in (4) and (5) using 6 and 128 characters. Refer to "C.2 Compatible Character Sets" for information on compatiblecharacters.

C.5 cmmkenv (Create Environment)

Description

Creates the directories and performs the initial settings required to use the certificate and CRL management environment.

Notes

- When specifying parameters in the -fromdir and -todir options, ensure that you separate with a comma (,).

- The directory specified for the -todir option for storing the certificates and for the CRL cannot be the same directory.

Command format

cmmkenv certificateManagementDir

[-fromdir certificateDir, CRLdir]

-todir certificateDir, CRLdir

Operand

certificateManagementDir

Specify the certificate management directory using a full path.

-fromdir certificateDir, CRLdir

Specify when a directory already exists, such as when moving the operation environment. Do not specify this option when creating anew management environment.

- Certificate directory

Specify the certificate directory using a full path.

- CRL directory

Specify the CRL directory using a full path.

-todir certificateDir, CRLdir

Specify the directory where the environment is to be created.

- Certificate directory

Specify the certificate directory using a full path.

- CRL directory

Specify the CRL directory using a full path.

- 118 -


When this command is executed, enter a slot password into the dialog. Below is an example of the dialog when generating the slot. Theslot directory is created in "/home/slot" in the following example.

Example#cmmkenv /home/sslcert -todir /home/sslcert/cert,/home/sslcert/crl

Example#

C.6 cmsetenv (Set Environment)

Description

Sets the Japanese character code to be used in the following directories:

- Slot directory (private key environment)

- Certificate management directory (public key environment)

-

Command format

cmsetenv certificateManagementDir

-sd slotDir

-rs certificateValidityCheckingMode

[-cs CRLsearch]

[-po certificateAcceptancePolicy]

[-ip]

[-ie]

[-ia]

[-cm certificationPathLength]

[-lh LDAPserverHostName]

[-lp LDAPserverPortNumber]

[-lw LDAPserverResponseWaitTime]

[-lc HOPcount]

[-oh OCSPserverOrCertificateValidationServerHostName]

[-op proxyServerHostName]

[-ow OCSPserverOrCertificateValidationServerResponseWaitTime]

[-oa OCSPserverEncryptionAlgorithm]

[-or certificateValidityCheckingMode]

Operand

certificateManagementDir


-sd slotDir


-rs certificateValidityCheckingMode

Specify how the certificate validity is to be checked. The recommended value is 1. When the validity of the certificate is to be checkedalways from the same place, use the value that suits that operation.

0: Do not check validity

1: Follow the certificate settings (recommended)

2: Check validity with CRL

3: Check certificate validity with the OCSP (OCSP server)

4: Check certificate validity with the OCSP extension (certificate validation server)

5: Follow the certificate settings (use the environment settings for the address of the LDAP server)

- 119 -

-cs CRLsearch

Specify the way CRLs used for certificate validation is to be found.

0: Use the first valid CRL found in the search (default)

1: Use the newest CRL after all CRLs have been searched

-po certificateAcceptancePolicy

Specify the object identifier of the acceptance policy used when validating certificates. The object identifier specified here is used fordetermining whether a certificate is covered by the policy. The entry format is as shown below. Delimit with a comma (,) whenspecifying more than one. The default is 2.5.29.32.0 which indicates "any-policy".

To specify one policy: 1.2.8000

To specify two policies: 1.2.8001,1.2.8002

To specify N policies: 1.2.8001,1.2.8002,...,1.2.8052

-ip

Specify if policy mapping is not allowed in a certification path when validating certificates. In an environment where mutual verificationoccurs (GPKI for example), policy mapping is required so do not specify this.

-ie

Specify when at least one certificate acceptance policy is to be forced when validating certificates.

-ia

Specify when "any-policy" is not allowed in the policies of a certificate when validating certificates.

-cm certificationPathLength

Specify the maximum length of the certification path (certification path length) to be created, between 0 and 100. When omitted or"0", there is no maximum limit.

-lh LDAPserverHostName

Specify the host name or IP address of the LDAP server. The format is as follows:

Host name: LdapHost

IP address: 10.131.202.50

-lp LDAPserverPortNumber

Specify the port number for the LDAP server. The system default port is used if this is omitted.

The format is as follows:

80

-lw LDAPserverResponseWaitTime

Specify the response wait time for the LDAP server between 1 and 300 seconds. The default is 150 seconds.

-lc HOPcount

Specify the HOP count from LDAP server to LDAP server when using referrals, between 0 and 100. If "0" is specified, there will beno limit to the HOP count. The default is 5.

-oh OCSPserverOrCertificateValidationServerHostName

Specify the OCSP server or certificate validation server host name.


http://aaa.bbb.ccc:8000

https://aaa.bbb.ccc:8000

https can only be specified when '4' has been specified for the -rs option. An error will occur when validating certificates if an invalidscheme is specified (other than "http://" or "https://").

- 120 -

-op proxyServerHostName

Specify the host name of the proxy server used by OCSP or OCSP extension. The specified proxy server is also used when the CRLis searched using http when validating certificates. It is also used when "https://" is set with the -oh option.


http://aaa.bbb.ccc:8888

-ow OCSPserverOrCertificateValidationServerResponseWaitTime

Specify the response wait time for the OCSP server or certificate validation server between 1 and 600 seconds. The default is 150seconds.

-oa CSPserverEncryptionAlgorithm

Specify the encryption algorithm used on the OCSP server. This is unrelated to the signature algorithm of the certificate.

0: SHA1 (default)

1: MD5

-or certificateValidityCheckingMode

If the OCSP server is operating as an agent rather than as the CA itself, specify how validity is to be checked for certificates used insignatures in the response to the OCSP.

0: Do not check validity (default)

1: Follow the certificate settings


Below is an example of when this command is executed. In the following example, "/home/sslcert" is set as the certificate managementdirectory and "/home/slot" is set as the slot directory.

Example# cmsetenv /home/sslcert -sd /home/slot

Example#

C.7 cmmakecsr (Create Certificate Request)

Description

A certificate request is created from the certificate request information specified and output to a file. The certificate request that is outputis needed by the certificate authority to create the certificate.

Notes

- When entering a user PIN, the characters are hidden.

- A new key pair is created if either of the kt or kb parameters is specified.

- Do not specify Japanese for the c, cn, o, ou, ea, t, tel, l, and s parameters.

- RSA algorithm encryption is an encryption algorithm for public keys developed by Rivest, Shamir, and Adleman that uses the problemof prime factorization. This product uses a realization of the algorithm unique to Fujitsu.

- When a key pair is deleted, it cannot be restored. For this reason, after creating a CSR with this command or after acquiring andregistering a certificate, create a back up as necessary.

- Attribute information is not created with this command.

- For the kb parameter, all possible key lengths are displayed in USAGE. 3072 or 4096 cannot be specified for the kb parameter if usinga key management environment created with mkslt/mktkn.

- For the sa parameter, all possible signature algorithms are displayed in USAGE. Specify SHA256, SHA384, or SHA512 for the saparameter if using a key management environment created with mkslt/mktkn.

- 121 -

- If 512 is specified for the kb parameter, SHA384 and SHA512 cannot be specified for the sa parameter.

- If a label attached to a key with a key length of 512 is specified for the kl parameter, SHA384 and SHA512 cannot be specified forthe sa parameter.

Command format

cmmakecsr [-ed certificateManagementDir]

-sd slotDir

-tl tokenLabel

-of outputFileName

[-f {TEXT|NOHEAD|V2}]

[-c country]

[-cn name]

[-o organization]

[-ou organizationalUnit]

[-ea emailAddress]

[-t title]

[-tel telephoneNumber]

[-l cityOrLocality]

[-s state]

[-sa {SHA1|MD5|SHA256|SHA384|SHA512}]

{-kl keyLabel | [-kt RSA] [-kb 512|768|1024|2048|3072|4096]}

[-sf randomNumberFile]

Operand

-ed certificateManagementDir

Specify the certificate management directory using a full path. When this option is omitted, the directory specified for the "CMIPATH"environment variable is used.

-sd slotDir


-tl tokenLabel

Specify the token label where there is a key to be used or where a newly created key is to be registered.

-of outputFileName

Specify the full path to the file name to output the certificate request.

-f {TEXT|NOHEAD|V2}

Specify one of the following output formats for the certificate:

TEXT: Output in CSR format.

NOHEAD: Output without a header.

V2: Output in S/MIME format, with an application/pkcs10 header attached.

If this option is omitted, TEXT will be specified as the default value.

Specify NOHEAD if the CA issuing the certificate is InfoCA.

-c country

Specify the country using alphanumerics.

-cn name

Specify the name using alphanumerics. Specify the domain name when the certificate is for an SSL server.

-o organization

Specify the organization using alphanumerics.

- 122 -

-ou organizationalUnit

Specify the organizational unit using alphanumerics.

-ea emailAddress

Specify the email address using alphanumerics.

-t title

Specify the title using alphanumerics.

-tel telephoneNumber

Specify the telephone number using alphanumerics.

-l cityOrLocality

Specify the city or locality using alphanumerics.

-s state

Specify the state using alphanumerics.

-sa {SHA1|MD5|SHA256|SHA384|SHA512}

Specify either SHA1 or MD5 as the signature algorithm for the certificate request. When omitted, a value of SHA1 is assumed.

-kl keyLabel | [-kt RSA] [-kb 512|768|1024|2048|3072|4096]

When the -kl option is specified, specify the label (using alphanumerics) for the key to be used or the new key to be created.

When the -kt option is specified, and a new key is to be created, specify the key type. Specify the following value:

RSA: Creates a key pair that uses RSA algorithm encryption.

When the -kb option is specified, and a new key is to be created, specify the key length in bits. Key length may be 512, 768, 1024,2048, 3072, or 4096 bits. If this option is omitted, 2048 bits will be specified as the default value.

-sf randomNumberFile

Specify the full path to the file name that holds the random numbers to be used when a key pair (private key and public key) are to becreated.


An application for creating a new key is created in text format in "/home/foo/myCertRequest".

Example# cmmakecsr -ed /home/sslcert -sd /home/slot -f NOHEAD -c jp -cn "foo" -o fujitsu -ea [email protected] -sTOKYO -tl footoken -sa SHA512 -kb 4096 -of /home/foo/myCertRequest

ENTER TOKEN PASSWORD=> <- (1) tokenUserPIN

Example#

C.8 cmentcert (Register Certificate)

Description

The certificate is acquired from the certificate authority and registered in the local system.

Notes

- The certificates must be registered in order starting with the root CA certificate.

Example: Root CA certificate -> Certificate authority certificate that was issued by the root CA -> ... -> Site certificate that was issuedby the certificate authority

- Specify the -ca option if a CA certificate needs to be registered.

- 123 -

Command format

cmentcert fileName

-sn slotID

[-ed certificateManagementDir]

[-nv]

[-ca | -own]

[-nn nickname]

[-ts]

[-sn slotID]

[-tl tokenLabel]

Operand

fileName

Specify the full path to the file name to where the registered certificate is stored.



-nv

Specify when certificate verification is not required when registering certificates. Normally not specified.

-ca | -own

Specify the type of certificate to be registered. Specify -ca when registering the certificates of a certificate authority (CA). Specify -own when registering the certificates of the local system. If neither option is specified, it will be treated as a certificate that is for asystem other than the local system and certificate authority.

-nn nickname

Specify a nickname for the certificate.

-ts

Specify this option to set the certificate being registered as a trust anchor.

-sn slotID

Specify the slot ID of the token where the certificate is to be registered. Omit this if the certificate is to be stored in the certificatemanagement environment.

-tl tokenLabel

Specify the token label of the token where the certificate is to be registered. The command ends in an error if there is more than onetoken with the same label. Omit this if the certificate is to be stored in the certificate management environment.


Register a certificate (/entdir/Jiro.cert) where the nickname "Jiro" is specified.

The message "normal end certid = ..." that is output in the example indicates that the certificate registration has finished normally. Thestring after "certid =" is the certificate identifier that has been given to this certificate.

Example# cmentcert /entdir/Jiro.cert -ed /home/sslcert -nn Jiro -own

normal end certid = vu5sdPOks1PpzzL+03FmybwPrmg=

Example#

C.9 cmentcrl (Register CRL)

Description

The CRL is acquired from the certificate authority and registered in the local system.

- 124 -

Notes

- When registering the CRL, if a CRL previously issued by the same certificate authority exists, the old CRL is deleted.

- The CA certificate of the certificate authority that issued the CRL must be registered beforehand.

Command format

cmentcrl fileName

[-ed certificateManagementDir]

[-nv]

Operand

fileName

Specify the full path to the file name to where the CRL to be registered is stored.



-nv

Specify when CRL verification is not required when registering the CRL. Normally not specified.


Verify and register the CRL "/entdir/Jiro.crl".

The message "normal end CrlID = ..." that is output in the example indicates that the CRL registration has finished normally.

Example# cmentcrl /entdir/Jiro.crl -ed /home/sslcert

C.10 cmlistcert (Display Certificate List)

Description

The information for the certificates that correspond to the specified search keys uses standard output.

Notes

- The certificates that can be displayed in the list are those certificates that are registered in the certificate directory.

- The command option names are used as the item names in the window display.

- Items are not displayed if information for options explained in "Operand" is not set.

- When the -c, -cn, -o, -ou, -ea, -ca, -own, and -nn options are all omitted, a list of all certificates is displayed.

Command format

cmlistcert [-ed certificateManagementDir]

[-c country]

[-cn name]

[-o organization]

[-ou organizationalUnit]

[-ea emailAddress]

[-ic countryOfCertificateAuthority]

[-icn nameOfCertificateAuthority]

[-io organizationNameOfCertificateAuthority]

[-iou organizationalUnitOfCertificateAuthority]

[-iea emailAddressOfCertificateAuthority]

[-ca]

- 125 -

[-own]

[-nn nickname]

[-su certificateType]

[-ts]

[-sn slotID]

[-tl tokenLabel]

Operand



-c country

Specify the country using alphanumerics.

-cn name

Specify the name using alphanumerics.

-o organization

Specify the organization using alphanumerics.

-ou organizationalUnit

Specify the organizational unit using alphanumerics.

-ea emailAddress

Specify the email address using alphanumerics.

-ic countryOfTheCertificateAuthority

Specify the country of the certificate authority using alphanumerics.

-icn nameOfCertificateAuthority

Specify the name of the certificate authority using alphanumerics.

-io organizationNameOfTheCertificateAuthority

Specify the organization of the certificate authority using alphanumerics.

-iou organizationalUnitOfTheCertificateAuthority

Specify the organizational unit of the certificate authority using alphanumerics.

-iea emailAddressOfTheCertificateAuthority

Specify the email address of the certificate authority using alphanumerics.

-ca

Specify when the certificates to be listed are those for a certificate authority.

-own

Specify when the certificates to be listed are those issued to you.

-nn nickname

Specify the nickname.

-su certificateType

Specify the certificate type.

1: All (default)

2: Certificate for data encryption

3: Public key certificate for the private key used for signing messages

4: Certificate for key encryption

- 126 -

-ts

Specify this option to display a list of trust anchor certificates.

-sn slotID

Specify the slot ID of the token where the certificate exists.

-tl tokenLabel

Specify the token label of the token where the certificate exists.


Display a list of certificates that include the specified organization. Specify "/home/sslcert" as the certificate management directory, and"Fujitsu" as the organization name.

Example# cmlistcert -ed /home/sslcert -o Fujitsu

CertID=vu5sdPOks1PpzzL+03Fabvcpa=

c=jp,

o=Fujitsu,

ou=EC2,

cn=Taro Fujitsu,

[email protected],

nn=Taro,

CertID=vu6sdPOks1PpzzL+04Fabvcpa=

c=jp,

o=Fujitsu,

ou=EC2,

cn=Hanako Fujitsu,

[email protected],

nn=Hanako,

Example#

C.11 cmdspcert (Display Certificate Content)

Description

The specified certificate content is edited by item and output to standard output or to a file.

Notes

- Specify at least one of the -id, -nn, or-fn options.

- Items for which identifiers are not set are not displayed.

Command format

cmdspcert [-ed certificateManagementDir]

{-id certificateIdentifier | -nn nickname | -fn certificateFileName}

[-sl displayFormat]

[-oc japaneseCodeSet]

[-of fileName]

[-sn slotID | -tl tokenLabel]

- 127 -

Operand



-id certificateIdentifier | -nn nickname | -fn certificateFileName

Specify the certificate to be displayed. Select a way to specify from the following three types:

When the -id option is specified, a registered certificate is displayed. Specify the certificate identifier (the string shown after "CertID=")that was displayed with cmlistcert.

When the -nn option is specified, a registered certificate is displayed. Specify the nickname displayed when registering.

When the -fn option is specified, an unregistered certificate is displayed. Specify the certificate file name.

-sl displayFormat

Specify one of the following display formats:

0: Display by item.

1: Display the key.

If this option is omitted, 0 (display by item) will be used as the default value.

-oc japaneseCodeSet

Specify one of the following for the Japanese character code when outputting display results:

0: JIS

1: ShiftJIS

2: EUC

If this option is omitted, 1 (Shift JIS) will be specified as the default value.

-of fileName

Specify the full path to the file name to output the display results.

If this option is omitted, standard output will be used.

-sn slotID | -tl tokenLabel

When the -sn option is specified, specify the slot ID of the token where the certificate exists. This is valid only when -id or -nn isspecified.

When the -tl option is specified, specify the token label of the token where the certificate exists. The command ends in an error if thereis more than one token with the same label. Furthermore, this is valid only when -id or -nn is specified.


Specify "/home/sslcert" as the certificate management directory, and display the content of certificates with "Jiro" specified as thenickname.

Example# cmdspcert -ed /home/sslcert -nn Jiro

CERTIFICATE:

VERSION: V1

SERIALNUMBER: 17

SIGNATURE ALGORITHM: SHA1WithRSAEncryption

ISSUERNAME:

COUNTRY: jp

STATE: Ishikawa Pref.

- 128 -

LOCALITY: Kanazawa City

ORGANIZATION: Fujitsu, Limited.

ORGANIZATIONALUNIT: Root CA Admin

NAME: Fujitsu Jiro

TITLE: Root

ADDRESS: fujitsu st.

POSTAL CODE: 111-1111

PHONE NO.: 03-1234-5678

EMAIL ADDRESS: [email protected]

VALIDITY: 19980609000000-19990602235959

SUBJECTNAME:

COUNTRY: jp

STATE: Ishikawa Pref.

LOCALITY: Kanazawa City

ORGANIZATION: Fujitsu, Limited.

ORGANIZATIONALUNIT: CA Admin

NAME: CAINFRA

TITLE: nonTitle

ADDRESS: 1-choume, 2-3

POSTAL CODE: 999-9999

PHONE NO.: 076-123-4567

EMAIL ADDRESS: [email protected]

PUBLIC KEY ALGORITHM: RSAEncryption

SIGNATURE ALGORITHM: SHA1WithRSAEncryption

SIGNATURE: 61AAA36B B5B17C44 EF7D18D1 58436FC6

08A4DCEF 0E6F5549 791C52FE 2918A009

4D2111C8 9A302A12 E44CB11C 886688E9

58D27A3A A85DED9F E4497B32 11660962

FINGERPRINT: C6 D5 71 87 0C 01 A3 58 4F 46 09 A2 B3 E8 22 1F

Example #

C.12 cmlistcrl (Display CRL List)

Description

The information for the CRLs that correspond to the specified search keys uses standard output.

Notes

- Items for which identifiers are not set are not displayed.

- When the -c, -cn, -o, -ou, and -ea options are all omitted, a list of all CRLs is displayed.

- 129 -

Command format

cmlistcrl [-ed certificateManagementDir]

[-c countryOfCertificateAuthority]

[-cn nameOfCertificateAuthority]

[-o organizationNameOfCertificateAuthority]

[-ou organizationalUnitOfCertificateAuthority]

[-ea emailAddressOfCertificateAuthority]

Operand



-c countryOfCertificateAuthority

Specify the country of the certificate authority using alphanumerics.

-cn nameOfCertificateAuthority

Specify the name of the certificate authority using alphanumerics.

-o organizationNameOfCertificateAuthority

Specify the organization of the certificate authority using alphanumerics.

-ou organizationalUnitOfCertificateAuthority

Specify the organizational unit of the certificate authority using alphanumerics.

-ea emailAddressOfCertificateAuthority

Specify the email address of the certificate authority.


Specify "/home/sslcert" as the certificate management directory, and display the list of CRLs that include "Fujitsu" in the organizationname.

Example# cmlistcrl -ed /home/sslcert -o Fujitsu

CrlID=e4GbxyzagpDwsEGea243Kn+Ufay

c=jp,

cn=Yokohama Fujitsu,

o=Fujitsu,

ou=EC2,

[email protected],

CrlID=e5GbxyzagpDwsEGea123Ln+Nfay

c=jp,

cn=Kanazawa Fujitsu,

o=Fujitsu,

ou=EC2,

[email protected],

Example#

C.13 cmrmcert (Delete Certificate)

- 130 -

Description

Deletes the specified certificate from the management environment in the local system.

Command format

cmrmcert [-ed certificateManagementDir]

{-id certificateIdentifier | -nn nickname}

[-sn slotID | -tl tokenLabel]

Operand



-id certificateIdentifier | -nn nickname

Specify the certificate to be deleted. Select a way to specify from the following two types:

When the -id option is specified, specify the certificate identifier.

When the -nn option is specified, specify the nickname of the certificate to be deleted.

-sn slotID | -tl tokenLabel

When the -sn option is specified, specify the slot ID of the token where the certificate exists. Omit this if the certificate is registeredin the certificate management environment.

When the -tl option is specified, specify the token label of the token where the certificate exists. The command ends in an error if thereis more than one token with the same label.


Deletes the certificate where the nickname "Jiro" is specified.

Example# cmrmcert -ed /home/sslcert -nn Jiro

Example#

C.14 initkn (Initialize Token)

Description

The token is initialized. The private key of the token deleted when the token is initialized.

Notes

- When entering a SO-PIN and user PIN, the characters are hidden.

- The user PIN specified in the dialog is required when Information Integrator Server performs SSL communication. This should bemanaged with care by the user.

Command format

initkn -sd slotDir

-tl tokenLabel

Operand

-sd slotDir


- 131 -

-tl tokenLabel

Specify a string of no more than 32 characters for the token label to be set for the token to be initialized. Refer to "C.2 CompatibleCharacter Sets" for information on compatible characters.


A token whose token label is "Token01" is initialized.

Example# initkn -sd /home/slot/ -tl Token01

Setting SO-PIN.

SO-PIN: <- (1)

Retype: <- (2)

New Token label: Token02

initkn: Initialize token?(y/n) y <- (3)

Setting User-PIN.

User-PIN: <- (4)

Retype: <- (5)

Example#

(1) Enter a SO-PIN between 6 and 128 characters.

(2) Re-enter the SO-PIN entered in step (1).

(3) A confirmation message for initializing the token will be displayed. Enter "y".

(4) Enter a user PIN between 6 and 128 characters.

(5) Re-enter the user PIN entered in step (4).

Refer to "C.2 Compatible Character Sets" for information on compatible characters.

C.15 setpin (Change PIN)

Description

Change the PIN of the token. Use to change the private key PIN because the token PIN was leaked, for example. cmmkenv and cmsetenvneed to be executed before this command is executed.

Notes

- When entering a SO-PIN and user PIN, the characters are hidden.

- The user PIN specified in the dialog is required when Information Integrator Server performs SSL communication. This should bemanaged with care by the user.

Command format

setpin -ed certificateManagementDir

-tl tokenLabel

[-s]

Operand



- 132 -

-tl tokenLabel

Specify the token whose user PIN is to be changed using the token label.

-s

Specify when changing the SO-PIN.

Command execution example 1 (UNIX)

A user PIN of a token whose token label is "Token01" is changed.

Example# setpin -ed /home/sslcert/ -tl Token01

User-PIN for Token01: <- (1)

New User-PIN: <- (2)

Retype: <- (3)

Example#

(1) Enter the user PIN for Token01 before the change.

(2) Enter a new user PIN between 6 and 128 characters. Refer to "C.2 Compatible Character Sets" for information on compatible characters.

(3) Re-enter the user PIN entered in step (2).

Command execution example 2 (UNIX)

The SO-PIN of a token whose token label is "Token01" is changed.

Example# setpin -ed /home/sslcert/ -tl Token01 -s

SO-PIN for Token01: <- (1)

New SOPIN: <- (2)

Retype: <- (3)

Example#

(1) Enter the SO-PIN for Token01 before the change.

(2) Enter a new SO-PIN between 6 and 128 characters. Refer to "C.2 Compatible Character Sets" for information on compatible characters.

(3) Re-enter the SO-PIN entered in step (2).

C.16 Message

C.16.1 Output FormatThe message display format is shown below.

- UNIX

UX: commandName:ERROR:[messageID]:messageBodyText

Note: The message type will always be ERROR.

- Windows

[messageNumber]messageBody

commandName

The name of the certificate management package command.

- 133 -

messageID

Message information ID number.

messageBodyText

Body text of a message.

C.16.2 Message DetailsThis section describes message numbers, message body, and message explanations.

0011

[0011]Parameter error:parameter

[Description]

A parameter error was detected when starting the command.

[Parameter description]

parameter: Indicates the parameter of the option (not applicable in some cases).

[Action]

Check the parameter when starting the command and then re-execute.

0022

[0022]Password not matched

[Description]

The password and its confirmation do not match.

[Action]

Specify the correct password, SO-PIN, or user PIN and then re-execute.

0024

[0024]Invalid token label

[Description]

There are invalid characters in the token label or its length is incorrect.

[Action]

Specify the correct token label and then re-execute.

0030

[0030]Token label already exists

[Description]

There is already a token with the same label.

[Action]

Specify a different token label.

0051

[0051]Certificate already exists

- 134 -

[Description]

An identical certificate has already been registered. Alternatively, a certificate has already been registered with the specified nickname.

[Action]

Display the list of certificates with cmlistcert and check if the specified nickname already exists. If the nickname already exists, specifya different nickname and then re-execute. There is no need to re-register if the same nickname does not exist.

0054

[0054]Invalid certification path

[Description]

The certification path is invalid and verification of the certification path failed. There three possible reasons, as follows:

- An upstream CA certificate has not been registered.

- The validity period for the certificate has expired.

- There is incorrect information in the certificate.

[Action]

Use the following procedure to check that the upstream CA certificates until the root CA certificates are all registered:

1. Display the content of registered certificates using cmdspcert.

2. Use the certificate authority information displayed (country, name, etc.) as the search keys (-cn, -o, -ou, -ea, and -ca) in cmlistcertand then execute.

3. Confirm that the searched certificate exists.

If the certificate exists, it may be that the information for the certificate has not been set correctly. Check the information below withthe certificate content display command.

- Validity period for the certificate

If the validity period for the certificate has expired, delete it and re-register.

If there is no problem with the validity period for the certificate, contact the certificate authority.

0060

[0060]Certificate not found

[Description]

The specified certificate has not been registered.

[Action]

Specify a certificate identifier or nickname that has been registered. Check if the certificate has been registered with cmlistcert.

0065

[0065]File doesn't exist:fileName

[Description]

The file does not exist.


fileName: Indicates the file name.

[Action]

Specify the correct file name and then re-execute.

- 135 -

0075

[0075] Certificate with same Nickname already exists

[Description]

A certificate with an identical nickname already exists

[Action]

Check that the certificate file is correct.

0076

[0076] Cannot read contract certificate list file

[Description]

A contract certificate list file does not exist in the specified location. Or, read permissions have not been granted.

[Action]

Check the certificate file.

0077

[0077] pfx access error:errcode1,errcode2,errcode3

[Description]

An error occurred while accessing pfx data.


errcode1: Maintenance code 1



[Action]

Take note of errcode1, errcode2, and errcode3 and contact Fujitsu technical support.

0090

[0090] Already Exist Key

[Description]

A key with the same label already exists.

[Action]

Change the label and then re-execute.

0092

[0092] Invalid key

[Description]

This is not a valid key or the key is corrupt.

[Action]

Check that the specified file name is correct. If it is correct, the key may be corrupted so contact Fujitsu technical support.

0093

[0093] Unsupported key

- 136 -

[Description]

The key is not using the PKCS format generated by either InfoCA or SystemWalker/PkiMGR.

[Action]

Check the format and contact the supplier of the key file.

0094

[0094] Key not found

[Description]

A key with the specified label is not in the specified token.

[Action]

Specify the correct token label and key label and then re-execute.

0095

[0095] Invalid data

[Description]

The data is not valid. Alternatively, the content has been corrupted and processing is not possible.

[Action]

Check if there was a problem with how the data was obtained. Alternatively, contact the supplier of the data and obtain the data again.

0096

[0096] Already Exist Keydata

[Description]

An identical key has already been registered.

[Action]

Re-registration is not necessary.

0097

[0097] Invalid Key Label

[Description]

There are invalid characters in the key label. Or the string length is incorrect.

[Action]

Specify the correct key label and then re-execute.

0101

[0101]File permission denied:fileName

[Description]

There are no access rights set for the file.


fileName: Indicates the file name.

[Action]

Check the access rights for the file.

- 137 -

0102

[0102]Work area not allocated

[Description]

The memory is insufficient.

[Action]

Increase the usable memory and then re-execute.

0104

[0104]No space in disk

[Description]

There is insufficient disk space available.

[Action]

Extend the free disk space, and then re-execute.

0106

[0106]Logical error

[Description]

An internal error has been detected in this product.

[Action]

Contact Fujitsu technical support with details of the operations performed when the error occurred.

0110

[0110]DB connect error:code1,code2

[Description]

Cannot connect to the certificate and CRL management environments.


code1: Indicates error code 1.


[Action]

The directory for the certificate and CRL management environment may have been deleted or its name may have been changed. Checkthe certificate and CRL management environments. If the certificate and CRL management environment directory exists, contactFujitsu technical support with error code 1 and code 2.

0111

[0111]DB access error:code1,code2,detail

[Description]

An error occurred while accessing the certificate and CRL management environment.




detail: Indicates error detail (not applicable in some cases).

- 138 -

[Action]

Contact Fujitsu technical support with error code 1 and code 2 and the error details.

0113

[0113]Environment file destroyed:detail

[Description]

The certificate and CRL management environments may have been corrupted.


detail: Indicates error details.

[Action]

Contact Fujitsu technical support with the error details.

0115

[0115]Cryptographic function detect error:code1,code2

[Description]

An error occurred during encryption processing.




[Action]

Contact Fujitsu technical support with error code 1 and code 2.

0116

[0116]System function detect error:code1,code2

[Description]

A system call error occurred during processing.




[Action]

Contact Fujitsu technical support with error code 1 and code 2.

0120

[0120]DB lock error

[Description]

The certificate and CRL management environments are being used exclusively.

[Action]

Wait, and then re-execute. If the problem persists, contact Fujitsu technical support.

0121

[0121]Directory doesn't exist:directory

- 139 -

[Description]

The directory has not been specified with a full path or the specified directory does not exist.


directory: Indicates the directory name.

[Action]

Specify the correct directory and then re-execute.

0200

[0200]Environment creating informations not found

[Description]

The information created with cmmkenv does not exist.

[Action]

Execute cmmkenv if cmmkenv has not been executed. If it has been executed, it is possible that the information created with cmmkenvhas been deleted. Contact Fujitsu technical support.

0201

[0201]Environment setup informations not found

[Description]

The information created with cmsetenv does not exist.

[Action]

Execute cmsetenv if cmsetenv has not been executed. If it has been executed, it is possible that the information created with cmsetenvhas been deleted. Contact Fujitsu technical support.

0205

[0205]Environment directory not found

[Description]

The specified directory is incorrect.

[Action]

Specify the correct certificate management directory and then re-execute. If there is no certificate management directory, create thecertificate management directory and then re-execute.

0206

[0206]Environment file permission denied:detail

[Description]

The user does not have access rights to access the certificate and CRL management environment. It is possible that the executor of thecommand and the WWW server administrator are different users.


detail: Indicates error detail.

[Action]

Execute the command with WWW server admin rights.

- 140 -

0207

[0207]Certificate informations already exists

[Description]

The certificate and CRL management environment cannot be created because one already exists.

[Action]

Either use a certificate and CRL management environment that already exists as is, or delete the current environment and then createa new one.

0209

[0209]Specifying the same directory(DB) name is invalid

[Description]

An identical directory name has been specified.

[Action]

The same directory name cannot be specified for the certificate and CRL management environments, so specify a different directoryname.

0300

[0300]Incorrect password

[Description]

There is an error with the password, SO-PIN, or user PIN.

[Action]


0301

[0301]Invalid password

[Description]

There are invalid characters in the password, SO-PIN, or user PIN or the string length is incorrect.

[Action]


0306

[0306]Slot not found

[Description]

The slot does not exist or the slot specified is one for which a token has already been generated.

[Action]

Either generate a slot or specify the slot ID of a slot for which a token has not been generated and then re-execute.

0307

[0307]Token not found

[Description]

The token does not exist.

- 141 -

[Action]

Specify the correct token label and then re-execute.

0315

[0315]Token label duplicated

[Description]

There are multiple tokens with identical labels.

[Action]

Contact Fujitsu technical support.

0316

[0316]Slot directory not found

[Description]

The specified directory is not a slot directory.

[Action]

Specify the directory again or create a slot directory.

0317

[0317]Slot directory permission denied

[Description]

Access to the slot directory is denied.

[Action]

Check access rights.

0318

[0318]Token exclusive error

[Description]

Processing is not possible because the token is being used by another command or application.

[Action]

If being used elsewhere, wait for that command to finish, and then re-execute. If not being used elsewhere, wait and then re-execute.

0506

[0506]Date in certificate or CRL is out of supported period

[Description]

The validity period for the certificate or the update date for the CRL falls outside of the years 1950 and 2049 and cannot be processed.

[Action]

Check the validity period of the certificate or the update date for the CRL and then contact the supplier of the certificate or CRL.

0507

[0507]Unsupported certificate

- 142 -

[Description]

The CRL is not X.509 V1, 2, or 3 so processing was not possible. Alternatively, registration is not possible because there is anunsupported certificate extension item.

[Action]

Check the certificate version and information and then contact the supplier of the certificate.

0509

[0509]Unsupported signature algorithm

[Description]

Digital signature processing is possible only with MD2+RSA algorithm encryption, MD5+RSA algorithm encryption, and SHA1+RSAalgorithm encryption.

[Action]

Contact the supplier of the certificate or CRL and acquire a certificate or CRL that uses the correct signature algorithms.

0511

[0511]Invalid certificate

[Description]

This is not a valid certificate or the certificate is corrupt and cannot be processed.

[Action]

Contact the supplier of the certificate and obtain the certificate again.

0520

[0520]Unsupported CRL

[Description]

The CRL is not X.509 V1 or 2 so processing was not possible. Alternatively, registration is not possible because there is an unsupportedCRL extension item.

[Action]

Check the certificate version and information and then contact the supplier of the certificate.

0521

[0521]Invalid CRL

[Description]

CRL is invalid.

[Action]

This is not a valid CRL or the CRL is corrupt. Contact the supplier of the CRL and obtain the CRL again.

0522

[0522]CRL already exists

[Description]

An identical CRL has already been registered.

[Action]


- 143 -

0523

[0523]CRL number already exists

[Description]

When registering a delta CRL, a CRL with an identical CRL number has already been registered.

[Action]


0524

[0524] BASECRL not found

[Description]

When registering a delta CRL the base CRL of the delta CRL has not been registered.

[Action]

Contact the supplier of the delta CRL and obtain the base CRL of the delta CRL, and then re-execute.

0525

[0525]CRL issuer certificate not found

[Description]

The certificate for the CRL issuer is not registered.

[Action]

Obtain the certificate for the CRL issuer, register it, and then re-execute. Alternatively, if there is no need to verify the digital signaturewhen registering the CRL, register the CRL without verification.

- 144 -

Date post:	28-Jun-2020
Category:	Documents
Upload:	others
View:	7 times
Download:	0 times

Setup Guide - Fujitsusoftware.fujitsu.com/jp/manual/manualfiles/m130028/...Appendix C: Certificate...

Documents